昨日の記事のついで。
ternでもcve-bin-toolというのがCVEデータベースとコンテナイメージを比較して脆弱性を洗い出す機能を持っているらしいのだが現時点でまともに動かず。使用感も含めて似たようなことをしてくれるツールにAqua Securityのtrivyというものがあり、それを使って、レポジトリ内のイメージのライセンスではなく、CVEデータベースと比較した脆弱性のレポートを取得しようと。
正直、記事の大半は昨日の焼き増しである。
Dockerとプライベートレジストリのセットアップ
環境はUbuntu 18.04。Lightsailの$3.5のマシンでOK。
1.DockerとRegistryをセットアップする。
$ sudo -i
# apt-get update
# apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
# add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
# apt-get update
# apt-get install docker-ce docker-ce-cli containerd.io
# docker run -d -p 5000:5000 --restart always --name registry registry:2
2.プライベートレジストリにubuntu、centos、busybox:1:23:2、ubi(8)をpushする。
# docker pull ubuntu
# docker tag ubuntu localhost:5000/ubuntu
# docker push localhost:5000/ubuntu
# docker rmi ubuntu localhost:5000/ubuntu
# docker pull centos
# docker tag centos localhost:5000/centos
# docker push localhost:5000/centos
# docker rmi centos localhost:5000/centos
# docker pull busybox:1.23.2
# docker tag busybox:1.23.2 localhost:5000/busybox:1.23.2
# docker push localhost:5000/busybox:1.23.2
# docker rmi busybox:1.23.2 localhost:5000/busybox:1.23.2
# docker login registry.redhat.io
→ Red Hatアカウントを入力
# docker pull registry.redhat.io/ubi8/ubi
# docker tag registry.redhat.io/ubi8/ubi localhost:5000/ubi
# docker push localhost:5000/ubi
# docker rmi registry.redhat.io/ubi8/ubi localhost:5000/ubi
(確認)
ubuntu@ip-172-26-2-169:~$ curl localhost:5000/v2/_catalog
{"repositories":["busybox","centos","ubuntu"]}
ubuntu@ip-172-26-2-169:~$ curl -s http://localhost:5000/v2/busybox/tags/list
{"name":"busybox","tags":["1.23.2"]}
trivyのインストールとスクリプト作成
1.trivyをインストールする。
https://github.com/aquasecurity/trivy#debianubuntu
# sudo apt-get install wget apt-transport-https gnupg lsb-release
# wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
# echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
# sudo apt-get update
# sudo apt-get install trivy
2.レポート作成用のディレクトリを作り、移動する。
# mkdir trivy-reports
# cd trivy-reports
3.以下のpythonファイルを作る。
make-trivy-reports.py
import urllib.request
import json
import os
protocol = "http"
registry = "localhost:5000"
req = urllib.request.Request(protocol + "://" + registry + "/v2/_catalog")
with urllib.request.urlopen(req) as res:
repos = json.loads(res.read())
for repo in repos["repositories"]:
req2 = urllib.request.Request(protocol + "://" + registry + "/v2/" + repo + "/tags/list")
with urllib.request.urlopen(req2) as res2:
tags = json.loads(res2.read())
for tag in tags["tags"]:
os.system("trivy " + registry + "/" + repo + ":" + tag + " > " + repo + ":" + tag + ".txt")
レポート生成
1.レポートを生成する。
こちらはスキャン後にローカルイメージの削除(docker rmi)をする必要もないので、削除する処理を消すという心配もない。
レポートの作成は、ローカルにCVE DBが無い初回はそのダウンロードに少し時間が掛かる。2回目以降はかなり早い。
# python3 make-trivy-reports.py
2.レポートを確認する。
レポート生成したイメージについては、プログラムを実行したディレクトリに「イメージ:タグ.txt」のファイル名が生成される。
(ファイルの確認)
root@ip-172-26-3-209:~/trivy-reports# ls -la
total 208
drwxr-xr-x 2 root root 4096 Jan 3 11:56 .
drwx------ 8 root root 4096 Jan 3 11:57 ..
-rw-r--r-- 1 root root 241 Jan 3 11:56 busybox:1.23.2.txt
-rw-r--r-- 1 root root 105029 Jan 3 11:56 centos:latest.txt
-rw-r--r-- 1 root root 587 Jan 3 11:54 make-trivy-reports.py
-rw-r--r-- 1 root root 70157 Jan 3 11:56 ubi:latest.txt
-rw-r--r-- 1 root root 15444 Jan 3 11:56 ubuntu:latest.txt
busyboxがスキャンできてるかと思いきや、中身を見ると、無理でしたのレポートが載っているのみ。
root@ip-172-26-3-209:~/trivy-reports# cat busybox\:1.23.2.txt
2021-01-03T11:56:38.789Z WARN OS is not detected and vulnerabilities in OS packages are not detected.
2021-01-03T11:56:38.789Z INFO Trivy skips scanning programming language libraries because no supported file was detected
ubi(8)がスキャンできているのはternよりも優秀か。
ubi:latest.txt
2021-01-03T11:56:38.882Z WARN You should avoid using the :latest tag as it is cached. You need to specify '--clear-cache' option when :latest image is changed
2021-01-03T11:56:38.900Z INFO Detecting RHEL/CentOS vulnerabilities...
2021-01-03T11:56:38.903Z INFO Trivy skips scanning programming language libraries because no supported file was detected
localhost:5000/ubi:latest (redhat 8.3)
======================================
Total: 111 (UNKNOWN: 0, LOW: 43, MEDIUM: 67, HIGH: 1, CRITICAL: 0)
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| bash | CVE-2019-18276 | LOW | 4.4.19-12.el8 | | bash: when effective UID is not |
| | | | | | equal to its real UID the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| brotli | CVE-2020-8927 | MEDIUM | 1.0.6-2.el8 | | brotli: buffer overflow when |
| | | | | | input chunk is larger than 2GiB |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8927 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| bzip2-libs | CVE-2019-12900 | LOW | 1.0.6-26.el8 | | bzip2: out-of-bounds write |
| | | | | | in function BZ2_decompress |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-12900 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| coreutils-single | CVE-2017-18018 | MEDIUM | 8.30-8.el8 | | coreutils: race condition |
| | | | | | vulnerability in chown and chgrp |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| curl | CVE-2020-8284 | | 7.61.1-14.el8_3.1 | | curl: dangerous nature |
| | | | | | of PASV command could |
| | | | | | be used to make curl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8284 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-8285 | | | | curl: malicious FTP server can |
| | | | | | trigger stack overflow when |
| | | | | | CURLOPT_CHUNK_BGN_FUNCTION |
| | | | | | is used... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8285 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-8286 | | | | curl: inferior OCSP verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8286 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2020-8231 | LOW | | | curl: Expired pointer |
| | | | | | dereference via multi API with |
| | | | | | `CURLOPT_CONNECT_ONLY` option set |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8231 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| file-libs | CVE-2019-18218 | MEDIUM | 5.33-16.el8 | | file: heap-based buffer overflow |
| | | | | | in cdf_read_property_info in cdf.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18218 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-8905 | LOW | | | file: stack-based buffer over-read |
| | | | | | in do_core_note in readelf.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-8905 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-8906 | | | | file: out-of-bounds read in |
| | | | | | do_core_note in readelf.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-8906 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| glib2 | CVE-2019-9633 | MEDIUM | 2.56.4-8.el8 | | glib: |
| | | | | | g_socket_client_connected_callback |
| | | | | | in gio/gsocketclient.c allows |
| | | | | | to cause denial of service |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9633 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2018-16428 | LOW | | | glib2: NULL pointer dereference in |
| | | | | | g_markup_parse_context_end_parse() |
| | | | | | function in gmarkup.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-16428 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-16429 | | | | glib2: Out-of-bounds read in |
| | | | | | g_markup_parse_context_parse() |
| | | | | | in gmarkup.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-16429 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-13012 | | | | glib2: insecure permissions |
| | | | | | for files and directories |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13012 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| glibc | CVE-2019-1010022 | MEDIUM | 2.28-127.el8 | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-9169 | | | | glibc: regular-expression |
| | | | | | match via proceed_next_node |
| | | | | | in posix/regexec.c leads to |
| | | | | | heap-based buffer over-read... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9169 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-1010023 | LOW | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+------------------------+------------------+----------+ +---------------+-----------------------------------------+
| glibc-common | CVE-2019-1010022 | MEDIUM | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-9169 | | | | glibc: regular-expression |
| | | | | | match via proceed_next_node |
| | | | | | in posix/regexec.c leads to |
| | | | | | heap-based buffer over-read... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9169 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-1010023 | LOW | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+------------------------+------------------+----------+ +---------------+-----------------------------------------+
| glibc-minimal-langpack | CVE-2019-1010022 | MEDIUM | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-9169 | | | | glibc: regular-expression |
| | | | | | match via proceed_next_node |
| | | | | | in posix/regexec.c leads to |
| | | | | | heap-based buffer over-read... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9169 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-1010023 | LOW | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| gnupg2 | CVE-2018-1000858 | MEDIUM | 2.2.20-2.el8 | | gnupg2: Cross site request |
| | | | | | forgery in dirmngr resulting |
| | | | | | in an information disclosure... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000858 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| json-c | CVE-2020-12762 | | 0.13.1-0.2.el8 | | json-c: integer overflow |
| | | | | | and out-of-bounds write |
| | | | | | via a large JSON file |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-12762 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| krb5-libs | CVE-2020-28196 | | 1.18.2-5.el8 | | krb5: unbounded recursion via an |
| | | | | | ASN.1-encoded Kerberos message |
| | | | | | in lib/krb5/asn.1/asn1_encode.c |
| | | | | | may lead... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-28196 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| libarchive | CVE-2017-14502 | | 3.3.2-9.el8 | | libarchive: Off-by-one error |
| | | | | | in the read_header function |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-14502 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-21674 | | | | libarchive: heap-based |
| | | | | | buffer overflow in |
| | | | | | archive_string_append_from_wcs |
| | | | | | function in archive_string.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-21674 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2017-14166 | LOW | | | libarchive: Heap-based buffer |
| | | | | | over-read in the atol8 function |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-14166 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2017-14501 | | | | libarchive: Out-of-bounds |
| | | | | | read in parse_file_info |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-14501 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-1000879 | | | | libarchive: NULL pointer dereference in |
| | | | | | ACL parser resulting in a denial of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000879 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-1000880 | | | | libarchive: Improper input |
| | | | | | validation in WARC parser |
| | | | | | resulting in a denial of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000880 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| libcom_err | CVE-2019-5188 | MEDIUM | 1.45.6-1.el8 | | e2fsprogs: Out-of-bounds |
| | | | | | write in e2fsck/rehash.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-5188 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| libcurl | CVE-2020-8284 | | 7.61.1-14.el8_3.1 | | curl: dangerous nature |
| | | | | | of PASV command could |
| | | | | | be used to make curl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8284 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-8285 | | | | curl: malicious FTP server can |
| | | | | | trigger stack overflow when |
| | | | | | CURLOPT_CHUNK_BGN_FUNCTION |
| | | | | | is used... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8285 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-8286 | | | | curl: inferior OCSP verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8286 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2020-8231 | LOW | | | curl: Expired pointer |
| | | | | | dereference via multi API with |
| | | | | | `CURLOPT_CONNECT_ONLY` option set |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-8231 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| libdb | CVE-2019-2708 | | 5.3.28-39.el8 | | libdb: data store execution |
| | | | | | leads to partial DoS |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-2708 |
+------------------------+ + + +---------------+ +
| libdb-utils | | | | | |
| | | | | | |
| | | | | | |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| libgcc | CVE-2018-20673 | MEDIUM | 8.3.1-5.1.el8 | | libiberty: Integer overflow in |
| | | | | | demangle_template() function |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2018-20657 | LOW | | | libiberty: Memory leak in |
| | | | | | demangle_template function |
| | | | | | resulting in a denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20657 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-14250 | | | | binutils: integer overflow in |
| | | | | | simple-object-elf.c leads to |
| | | | | | a heap-based buffer overflow |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-14250 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| libgcrypt | CVE-2019-12904 | MEDIUM | 1.8.5-4.el8 | | Libgcrypt: physical addresses |
| | | | | | being available to other processes |
| | | | | | leads to a flush-and-reload... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-12904 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| libidn2 | CVE-2019-18224 | | 2.2.0-1.el8 | | libidn2: heap-based buffer overflow |
| | | | | | in idn2_to_ascii_4i in lib/lookup.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18224 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| libssh | CVE-2020-16135 | LOW | 0.9.4-2.el8 | | libssh: NULL pointer |
| | | | | | dereference in sftpserver.c |
| | | | | | if ssh_buffer_new returns NULL |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-16135 |
+------------------------+ + + +---------------+ +
| libssh-config | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| libstdc++ | CVE-2018-20673 | MEDIUM | 8.3.1-5.1.el8 | | libiberty: Integer overflow in |
| | | | | | demangle_template() function |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20673 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2018-20657 | LOW | | | libiberty: Memory leak in |
| | | | | | demangle_template function |
| | | | | | resulting in a denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20657 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-14250 | | | | binutils: integer overflow in |
| | | | | | simple-object-elf.c leads to |
| | | | | | a heap-based buffer overflow |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-14250 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| libtasn1 | CVE-2018-1000654 | | 4.13-3.el8 | | libtasn1: Infinite loop in |
| | | | | | _asn1_expand_object_id(ptree) |
| | | | | | leads to memory exhaustion |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| libxml2 | CVE-2020-24977 | MEDIUM | 2.9.7-8.el8 | | libxml2: Buffer Overflow |
| | | | | | vulnerability in |
| | | | | | xmlEncodeEntitiesInternal |
| | | | | | at libxml2/entities.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-24977 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| lua-libs | CVE-2020-15945 | | 5.3.4-11.el8 | | lua: segmentation fault |
| | | | | | in changedline in ldebug.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-15945 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2020-24370 | LOW | | | lua: segmentation fault in getlocal |
| | | | | | and setlocal functions in ldebug.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-24370 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| lz4-libs | CVE-2019-17543 | MEDIUM | 1.8.3-2.el8 | | lz4: heap-based buffer |
| | | | | | overflow in LZ4_write32 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| ncurses-base | CVE-2019-17594 | | 6.1-7.20180224.el8 | | ncurses: heap-based buffer |
| | | | | | overflow in the _nc_find_entry |
| | | | | | function in tinfo/comp_hash.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17594 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-17595 | | | | ncurses: heap-based buffer |
| | | | | | overflow in the fmt_entry |
| | | | | | function in tinfo/comp_hash.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17595 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2018-19211 | LOW | | | ncurses: Null pointer |
| | | | | | dereference at function |
| | | | | | _nc_parse_entry in parse_entry.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-19211 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-19217 | | | | ncurses: Null pointer dereference |
| | | | | | at function _nc_name_match |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-19217 |
+------------------------+------------------+----------+ +---------------+-----------------------------------------+
| ncurses-libs | CVE-2019-17594 | MEDIUM | | | ncurses: heap-based buffer |
| | | | | | overflow in the _nc_find_entry |
| | | | | | function in tinfo/comp_hash.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17594 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-17595 | | | | ncurses: heap-based buffer |
| | | | | | overflow in the fmt_entry |
| | | | | | function in tinfo/comp_hash.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17595 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2018-19211 | LOW | | | ncurses: Null pointer |
| | | | | | dereference at function |
| | | | | | _nc_parse_entry in parse_entry.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-19211 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2018-19217 | | | | ncurses: Null pointer dereference |
| | | | | | at function _nc_name_match |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-19217 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| openldap | CVE-2019-13057 | MEDIUM | 2.4.46-15.el8 | | openldap: Information disclosure |
| | | | | | issue in slapd component |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13057 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-12243 | | | | openldap: denial of service |
| | | | | | via nested boolean expressions |
| | | | | | in LDAP search filters... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-12243 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| p11-kit | CVE-2020-29361 | | 0.23.14-5.el8_0 | | p11-kit: integer overflow when |
| | | | | | allocating memory for arrays |
| | | | | | or attributes and object... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-29361 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-29362 | | | | p11-kit: out-of-bounds read in |
| | | | | | p11_rpc_buffer_get_byte_array |
| | | | | | function in rpc-message.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-29362 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-29363 | | | | p11-kit: out-of-bounds write in |
| | | | | | p11_rpc_buffer_get_byte_array_value |
| | | | | | function in rpc-message.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-29363 |
+------------------------+------------------+ + +---------------+-----------------------------------------+
| p11-kit-trust | CVE-2020-29361 | | | | p11-kit: integer overflow when |
| | | | | | allocating memory for arrays |
| | | | | | or attributes and object... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-29361 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-29362 | | | | p11-kit: out-of-bounds read in |
| | | | | | p11_rpc_buffer_get_byte_array |
| | | | | | function in rpc-message.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-29362 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-29363 | | | | p11-kit: out-of-bounds write in |
| | | | | | p11_rpc_buffer_get_byte_array_value |
| | | | | | function in rpc-message.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-29363 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| pcre | CVE-2019-20838 | LOW | 8.42-4.el8 | | pcre: buffer over-read in |
| | | | | | JIT when UTF is disabled |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-14155 | | | | pcre: integer overflow in libpcre |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| platform-python | CVE-2019-18348 | MEDIUM | 3.6.8-31.el8 | | python: CRLF injection via the |
| | | | | | host part of the url passed to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18348 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-26116 | | | | python: CRLF injection via HTTP |
| | | | | | request method in httplib/http.client |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-26116 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-27619 | | | | python: Python 3 eval of http |
| | | | | | resources during test suite runs |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27619 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-9674 | LOW | | | python: Nested zip file (Zip bomb) |
| | | | | | vulnerability in Lib/zipfile.py |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9674 |
+------------------------+------------------+----------+ +---------------+-----------------------------------------+
| python3-libs | CVE-2019-18348 | MEDIUM | | | python: CRLF injection via the |
| | | | | | host part of the url passed to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18348 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-26116 | | | | python: CRLF injection via HTTP |
| | | | | | request method in httplib/http.client |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-26116 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-27619 | | | | python: Python 3 eval of http |
| | | | | | resources during test suite runs |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27619 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-9674 | LOW | | | python: Nested zip file (Zip bomb) |
| | | | | | vulnerability in Lib/zipfile.py |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9674 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| python3-libxml2 | CVE-2020-24977 | MEDIUM | 2.9.7-8.el8 | | libxml2: Buffer Overflow |
| | | | | | vulnerability in |
| | | | | | xmlEncodeEntitiesInternal |
| | | | | | at libxml2/entities.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-24977 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| python3-pip-wheel | CVE-2020-14422 | | 9.0.3-18.el8 | | python: DoS via inefficiency |
| | | | | | in IPv{4,6}Interface classes |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14422 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2018-20225 | LOW | | | python-pip: when --extra-index-url |
| | | | | | option is used and package |
| | | | | | does not already exist... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20225 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| sqlite-libs | CVE-2019-5827 | HIGH | 3.26.0-11.el8 | | chromium-browser: |
| | | | | | out-of-bounds access in SQLite |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-5827 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-13750 | MEDIUM | | | sqlite: dropping of shadow tables |
| | | | | | not restricted in defensive mode |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13750 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-13751 | | | | sqlite: fts3: improve |
| | | | | | detection of corrupted records |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13751 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-19242 | | | | sqlite: SQL injection in |
| | | | | | sqlite3ExprCodeTarget in expr.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19242 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-19603 | | | | sqlite: mishandles certain SELECT |
| | | | | | statements with a nonexistent |
| | | | | | VIEW, leading to DoS... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19603 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-19645 | | | | sqlite: infinite recursion via |
| | | | | | certain types of self-referential |
| | | | | | views in conjunction with... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19645 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-19880 | | | | sqlite: invalid pointer dereference |
| | | | | | in exprListAppendList in window.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19880 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-13434 | | | | sqlite: integer overflow |
| | | | | | in sqlite3_str_vappendf |
| | | | | | function in printf.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13434 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-13435 | | | | sqlite: NULL pointer dereference |
| | | | | | leads to segmentation fault in |
| | | | | | sqlite3ExprCodeTarget in expr.c... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13435 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-15358 | | | | sqlite: heap-based buffer overflow in |
| | | | | | multiSelectOrderBy due to mishandling |
| | | | | | of query-flattener optimization... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-15358 |
+ +------------------+----------+ +---------------+-----------------------------------------+
| | CVE-2019-19244 | LOW | | | sqlite: allows a crash |
| | | | | | if a sub-select uses both |
| | | | | | DISTINCT and window... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19244 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-9936 | | | | sqlite: heap-based buffer |
| | | | | | over-read in function |
| | | | | | fts5HashEntrySort in sqlite3.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9936 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-9937 | | | | sqlite: null-pointer |
| | | | | | dereference in function |
| | | | | | fts5ChunkIterate in sqlite3.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9937 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| systemd | CVE-2018-20839 | MEDIUM | 239-41.el8_3.1 | | systemd: mishandling of the |
| | | | | | current keyboard mode check |
| | | | | | leading to passwords being... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20839 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-3842 | | | | systemd: Spoofing of XDG_SEAT |
| | | | | | allows for actions to be checked |
| | | | | | against "allow_active"... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3842 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-13776 | | | | systemd: mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+------------------------+------------------+ + +---------------+-----------------------------------------+
| systemd-libs | CVE-2018-20839 | | | | systemd: mishandling of the |
| | | | | | current keyboard mode check |
| | | | | | leading to passwords being... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20839 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-3842 | | | | systemd: Spoofing of XDG_SEAT |
| | | | | | allows for actions to be checked |
| | | | | | against "allow_active"... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3842 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-13776 | | | | systemd: mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+------------------------+------------------+ + +---------------+-----------------------------------------+
| systemd-pam | CVE-2018-20839 | | | | systemd: mishandling of the |
| | | | | | current keyboard mode check |
| | | | | | leading to passwords being... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20839 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2019-3842 | | | | systemd: Spoofing of XDG_SEAT |
| | | | | | allows for actions to be checked |
| | | | | | against "allow_active"... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3842 |
+ +------------------+ + +---------------+-----------------------------------------+
| | CVE-2020-13776 | | | | systemd: mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
| tar | CVE-2019-9923 | LOW | 2:1.30-5.el8 | | tar: null-pointer dereference |
| | | | | | in pax_decode_header in sparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 |
+------------------------+------------------+ +--------------------+---------------+-----------------------------------------+
| vim-minimal | CVE-2018-20786 | | 2:8.0.1763-15.el8 | | libvterm: NULL pointer dereference |
| | | | | | in vterm_screen_set_callbacks |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20786 |
+------------------------+------------------+----------+--------------------+---------------+-----------------------------------------+
お、、結構、脆弱なんだな。。