Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Invalid
-
1.3.0
-
None
-
None
-
Docker
Description
tgates@MacBook-Pro ~
% docker pull guacamole/guacamole:1.3.0
1.3.0: Pulling from guacamole/guacamole
Digest: sha256:739cb6820ae884827ceaaa87b45b8802769649c848d737584aea79d999177dc3
Status: Downloaded newer image for guacamole/guacamole:1.3.0
docker.io/guacamole/guacamole:1.3.0
tgates@MacBook-Pro ~
% docker scan guacamole/guacamole:1.3.0
Testing guacamole/guacamole:1.3.0...
✗ Low severity vulnerability found in tar
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-TAR-1063001
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > tar@1.30+dfsg-6
✗ Low severity vulnerability found in tar
Description: CVE-2005-2541
Info: https://snyk.io/vuln/SNYK-DEBIAN10-TAR-312331
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > tar@1.30+dfsg-6
✗ Low severity vulnerability found in tar
Description: NULL Pointer Dereference
Info: https://snyk.io/vuln/SNYK-DEBIAN10-TAR-341203
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > tar@1.30+dfsg-6
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Authentication Bypass
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-1291056
Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > systemd/libsystemd0@241-7~deb10u5
From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Link Following
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-305144
Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > systemd/libsystemd0@241-7~deb10u5
From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Missing Release of Resource after Effective Lifetime
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-542807
Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > systemd/libsystemd0@241-7~deb10u5
From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
and 4 more...
✗ Low severity vulnerability found in systemd/libsystemd0
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-570991
Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > systemd/libsystemd0@241-7~deb10u5
From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
and 4 more...
✗ Low severity vulnerability found in sqlite3/libsqlite3-0
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-535712
Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
✗ Low severity vulnerability found in sqlite3/libsqlite3-0
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-565214
Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
✗ Low severity vulnerability found in shadow/passwd
Description: Time-of-check Time-of-use (TOCTOU)
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306205
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306230
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Access Restriction Bypass
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-306250
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in shadow/passwd
Description: Incorrect Permission Assignment for Critical Resource
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SHADOW-539852
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2, gnupg2/dirmngr@2.2.12-1+deb10u1, shadow/login@1:4.5-1.1, util-linux/mount@2.33.1-0.1
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > shadow/passwd@1:4.5-1.1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > adduser@3.118 > shadow/passwd@1:4.5-1.1
From: shadow/login@1:4.5-1.1
and 1 more...
✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
Description: Cryptographic Issues
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-306560
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
Description: Arbitrary Code Injection
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-306596
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
Description: Arbitrary Code Injection
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-474393
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
Description: Resource Exhaustion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-543815
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
Description: Resource Exhaustion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-546420
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ Low severity vulnerability found in python2.7/libpython2.7-stdlib
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-584372
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ Low severity vulnerability found in python-defaults/libpython2-stdlib
Description: Link Following
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHONDEFAULTS-269278
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/python2@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1
and 5 more...
✗ Low severity vulnerability found in perl
Description: Link Following
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PERL-327793
Introduced through: git@1:2.20.1-2+deb10u3, meta-common-packages@meta
From: git@1:2.20.1-2+deb10u3 > perl@5.28.1-6+deb10u1
From: git@1:2.20.1-2+deb10u3 > liberror-perl@0.17027-2 > perl@5.28.1-6+deb10u1
From: git@1:2.20.1-2+deb10u3 > perl@5.28.1-6+deb10u1 > perl/perl-modules-5.28@5.28.1-6+deb10u1
and 3 more...
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345321
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345353
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Uncontrolled Recursion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345502
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-345530
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in pcre3/libpcre3
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572368
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
✗ Low severity vulnerability found in openssl/libssl1.1
Description: Cryptographic Issues
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-374709
Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: openssl/libssl1.1@1.1.1d-0+deb10u4
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > openssl/libssl1.1@1.1.1d-0+deb10u4
From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > openssl/libssl1.1@1.1.1d-0+deb10u4
and 6 more...
✗ Low severity vulnerability found in openssl/libssl1.1
Description: Cryptographic Issues
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-374996
Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: openssl/libssl1.1@1.1.1d-0+deb10u4
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > openssl/libssl1.1@1.1.1d-0+deb10u4
From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > openssl/libssl1.1@1.1.1d-0+deb10u4
and 6 more...
✗ Low severity vulnerability found in openssh/openssh-client
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-368617
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: Access Restriction Bypass
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-368833
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-368925
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: Improper Authentication
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-369016
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: Inappropriate Encoding for Output Context
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-369020
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: Integer Overflow or Wraparound
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-472477
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-570880
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-574764
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openssh/openssh-client
Description: OS Command Injection
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSH-590144
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2
✗ Low severity vulnerability found in openldap/libldap-common
Description: Improper Initialization
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-304601
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
✗ Low severity vulnerability found in openldap/libldap-common
Description: Cryptographic Issues
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-304654
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
✗ Low severity vulnerability found in openldap/libldap-common
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-304666
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
✗ Low severity vulnerability found in openldap/libldap-common
Description: Improper Certificate Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-584924
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
✗ Low severity vulnerability found in nettle/libnettle6
Description: CVE-2021-3580
Info: https://snyk.io/vuln/SNYK-DEBIAN10-NETTLE-1301269
Introduced through: iputils/iputils-ping@3:20180629-2+deb10u1, wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
From: iputils/iputils-ping@3:20180629-2+deb10u1 > nettle/libnettle6@3.4.1-1
From: wget@1.20.1-1.1 > nettle/libnettle6@3.4.1-1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > nettle/libnettle6@3.4.1-1
and 5 more...
✗ Low severity vulnerability found in lz4/liblz4-1
Description: Buffer Overflow
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LZ4-473072
Introduced through: apt@1.8.2.2, subversion@1.10.4-1+deb10u1, procps@2:3.3.15-2
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > lz4/liblz4-1@1.8.3-1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > lz4/liblz4-1@1.8.3-1
From: procps@2:3.3.15-2 > procps/libprocps7@2:3.3.15-2 > systemd/libsystemd0@241-7~deb10u5 > lz4/liblz4-1@1.8.3-1
✗ Low severity vulnerability found in libtasn1-6
Description: Resource Management Errors
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBTASN16-339585
Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
From: p11-kit@0.23.15-2 > libtasn1-6@4.13-3
From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > libtasn1-6@4.13-3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > gnutls28/libgnutls30@3.6.7-4+deb10u5 > libtasn1-6@4.13-3
✗ Low severity vulnerability found in libssh2/libssh2-1
Description: Integer Overflow or Wraparound
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBSSH2-474372
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > libssh2/libssh2-1@1.8.0-2.1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > libssh2/libssh2-1@1.8.0-2.1
✗ Low severity vulnerability found in libseccomp/libseccomp2
Description: Access Restriction Bypass
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBSECCOMP-341044
Introduced through: libseccomp/libseccomp2@2.3.3-4, apt@1.8.2.2
From: libseccomp/libseccomp2@2.3.3-4
From: apt@1.8.2.2 > libseccomp/libseccomp2@2.3.3-4
✗ Low severity vulnerability found in libpng1.6/libpng16-16
Description: Resource Management Errors
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBPNG16-296440
Introduced through: fontconfig@2.13.1-2
From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > freetype/libfreetype6@2.9.1-3+deb10u2 > libpng1.6/libpng16-16@1.6.36-6
✗ Low severity vulnerability found in libpng1.6/libpng16-16
Description: Memory Leak
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBPNG16-296468
Introduced through: fontconfig@2.13.1-2
From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > freetype/libfreetype6@2.9.1-3+deb10u2 > libpng1.6/libpng16-16@1.6.36-6
✗ Low severity vulnerability found in libpng1.6/libpng16-16
Description: Out-of-bounds Write
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBPNG16-296471
Introduced through: fontconfig@2.13.1-2
From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > freetype/libfreetype6@2.9.1-3+deb10u2 > libpng1.6/libpng16-16@1.6.36-6
✗ Low severity vulnerability found in libgcrypt20
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-391902
Introduced through: gnupg2/dirmngr@2.2.12-1+deb10u1, gnupg2/gnupg@2.2.12-1+deb10u1, procps@2:3.3.15-2, curl@7.64.0-4+deb10u1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
and 8 more...
✗ Low severity vulnerability found in krb5/libkrb5support0
Description: CVE-2004-0971
Info: https://snyk.io/vuln/SNYK-DEBIAN10-KRB5-395883
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3, openssh/openssh-client@1:7.9p1-10+deb10u2, subversion@1.10.4-1+deb10u1
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libk5crypto3@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5-3@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
and 11 more...
✗ Low severity vulnerability found in krb5/libkrb5support0
Description: Integer Overflow or Wraparound
Info: https://snyk.io/vuln/SNYK-DEBIAN10-KRB5-395955
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3, openssh/openssh-client@1:7.9p1-10+deb10u2, subversion@1.10.4-1+deb10u1
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libk5crypto3@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > krb5/libgssapi-krb5-2@1.17-3+deb10u1 > krb5/libkrb5-3@1.17-3+deb10u1 > krb5/libkrb5support0@1.17-3+deb10u1
and 11 more...
✗ Low severity vulnerability found in iptables/libxtables12
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-IPTABLES-287323
Introduced through: iproute2@4.20.0-2
From: iproute2@4.20.0-2 > iptables/libxtables12@1.8.2-4
✗ Low severity vulnerability found in iptables/libxtables12
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN10-IPTABLES-451768
Introduced through: iproute2@4.20.0-2
From: iproute2@4.20.0-2 > iptables/libxtables12@1.8.2-4
✗ Low severity vulnerability found in gnutls28/libgnutls30
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-340755
Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
and 3 more...
✗ Low severity vulnerability found in gnupg2/gpgv
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GNUPG2-535553
Introduced through: apt@1.8.2.2, gnupg2/gnupg@2.2.12-1+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1
From: apt@1.8.2.2 > gnupg2/gpgv@2.2.12-1+deb10u1
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1
and 18 more...
✗ Low severity vulnerability found in glibc/libc-bin
Description: Double Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1078993
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338106
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Uncontrolled Recursion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-338163
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356371
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356671
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Resource Management Errors
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356735
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: CVE-2010-4051
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-356875
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452228
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Access Restriction Bypass
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-452267
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Use of Insufficiently Random Values
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453375
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-453640
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-534995
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in glibc/libc-bin
Description: Integer Underflow
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-564233
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Low severity vulnerability found in git/git-man
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GIT-340854
Introduced through: git@1:2.20.1-2+deb10u3
From: git@1:2.20.1-2+deb10u3 > git/git-man@1:2.20.1-2+deb10u3
From: git@1:2.20.1-2+deb10u3
✗ Low severity vulnerability found in expat/libexpat1
Description: XML External Entity (XXE) Injection
Info: https://snyk.io/vuln/SNYK-DEBIAN10-EXPAT-358079
Introduced through: git@1:2.20.1-2+deb10u3, fontconfig@2.13.1-2, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: git@1:2.20.1-2+deb10u3 > expat/libexpat1@2.2.6-2+deb10u1
From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > expat/libexpat1@2.2.6-2+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > expat/libexpat1@2.2.6-2+deb10u1
and 2 more...
✗ Low severity vulnerability found in curl/libcurl4
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1049501
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
✗ Low severity vulnerability found in curl/libcurl4
Description: Authentication Bypass
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1089958
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
✗ Low severity vulnerability found in curl/libcurl4
Description: CVE-2021-22898
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1296892
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
✗ Low severity vulnerability found in coreutils
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317465
Introduced through: fontconfig@2.13.1-2
From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > fontconfig/fontconfig-config@2.13.1-2 > ucf@3.0038+nmu1 > coreutils@8.30-3
✗ Low severity vulnerability found in coreutils
Description: Race Condition
Info: https://snyk.io/vuln/SNYK-DEBIAN10-COREUTILS-317494
Introduced through: fontconfig@2.13.1-2
From: fontconfig@2.13.1-2 > fontconfig/libfontconfig1@2.13.1-2 > fontconfig/fontconfig-config@2.13.1-2 > ucf@3.0038+nmu1 > coreutils@8.30-3
✗ Low severity vulnerability found in bash
Description: Improper Check for Dropped Privileges
Info: https://snyk.io/vuln/SNYK-DEBIAN10-BASH-536280
Introduced through: bash@5.0-4
From: bash@5.0-4
✗ Low severity vulnerability found in apt/libapt-pkg5.0
Description: Improper Verification of Cryptographic Signature
Info: https://snyk.io/vuln/SNYK-DEBIAN10-APT-407502
Introduced through: apt/libapt-pkg5.0@1.8.2.2, apt@1.8.2.2
From: apt/libapt-pkg5.0@1.8.2.2
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2
From: apt@1.8.2.2
✗ Medium severity vulnerability found in wget
Description: Open Redirect
Info: https://snyk.io/vuln/SNYK-DEBIAN10-WGET-1277612
Introduced through: wget@1.20.1-1.1
From: wget@1.20.1-1.1
✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
Description: Uncontrolled Recursion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-537251
Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
Description: Improper Handling of Exceptional Conditions
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-539769
Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
Description: CVE-2020-13631
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-570487
Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
✗ Medium severity vulnerability found in python2.7/libpython2.7-stdlib
Description: HTTP Request Smuggling
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-1085863
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ Medium severity vulnerability found in pcre3/libpcre3
Description: Integer Overflow or Wraparound
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PCRE3-572367
Introduced through: meta-common-packages@meta
From: meta-common-packages@meta > pcre3/libpcre3@2:8.39-12
✗ Medium severity vulnerability found in p11-kit/libp11-kit0
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-P11KIT-1050832
Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
From: p11-kit@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > gnutls28/libgnutls30@3.6.7-4+deb10u5 > p11-kit/libp11-kit0@0.23.15-2
and 2 more...
Fixed in: 0.23.15-2+deb10u1
✗ Medium severity vulnerability found in openssl/libssl1.1
Description: Integer Overflow or Wraparound
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1075330
Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: openssl/libssl1.1@1.1.1d-0+deb10u4
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > openssl/libssl1.1@1.1.1d-0+deb10u4
From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > openssl/libssl1.1@1.1.1d-0+deb10u4
and 6 more...
Fixed in: 1.1.1d-0+deb10u5
✗ Medium severity vulnerability found in openssl/libssl1.1
Description: NULL Pointer Dereference
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1089177
Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: openssl/libssl1.1@1.1.1d-0+deb10u4
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > openssl/libssl1.1@1.1.1d-0+deb10u4
From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > openssl/libssl1.1@1.1.1d-0+deb10u4
and 6 more...
Fixed in: 1.1.1d-0+deb10u6
✗ Medium severity vulnerability found in openssl/libssl1.1
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-536856
Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: openssl/libssl1.1@1.1.1d-0+deb10u4
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > openssl/libssl1.1@1.1.1d-0+deb10u4
From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > openssl/libssl1.1@1.1.1d-0+deb10u4
and 6 more...
Fixed in: 1.1.1d-0+deb10u5
✗ Medium severity vulnerability found in libzstd/libzstd1
Description: Incorrect Default Permissions
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBZSTD-1080893
Introduced through: libzstd/libzstd1@1.3.8+dfsg-3, apt@1.8.2.2
From: libzstd/libzstd1@1.3.8+dfsg-3
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > libzstd/libzstd1@1.3.8+dfsg-3
Fixed in: 1.3.8+dfsg-3+deb10u1
✗ Medium severity vulnerability found in libzstd/libzstd1
Description: Incorrect Default Permissions
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBZSTD-1080899
Introduced through: libzstd/libzstd1@1.3.8+dfsg-3, apt@1.8.2.2
From: libzstd/libzstd1@1.3.8+dfsg-3
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > libzstd/libzstd1@1.3.8+dfsg-3
Fixed in: 1.3.8+dfsg-3+deb10u2
✗ Medium severity vulnerability found in libgcrypt20
Description: Race Condition
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-460489
Introduced through: gnupg2/dirmngr@2.2.12-1+deb10u1, gnupg2/gnupg@2.2.12-1+deb10u1, procps@2:3.3.15-2, curl@7.64.0-4+deb10u1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
and 8 more...
✗ Medium severity vulnerability found in iproute2
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-IPROUTE2-568742
Introduced through: iproute2@4.20.0-2
From: iproute2@4.20.0-2
✗ Medium severity vulnerability found in glibc/libc-bin
Description: Loop with Unreachable Exit Condition ('Infinite Loop')
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1035462
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Medium severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1055403
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Medium severity vulnerability found in glibc/libc-bin
Description: Out-of-Bounds
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559181
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ Medium severity vulnerability found in curl/libcurl4
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1089952
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
✗ High severity vulnerability found in systemd/libsystemd0
Description: Privilege Chaining
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345386
Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > systemd/libsystemd0@241-7~deb10u5
From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
and 4 more...
✗ High severity vulnerability found in systemd/libsystemd0
Description: Incorrect Privilege Assignment
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SYSTEMD-345391
Introduced through: util-linux/bsdutils@1:2.33.1-0.1, apt@1.8.2.2, util-linux/mount@2.33.1-0.1, procps@2:3.3.15-2, systemd/libudev1@241-7~deb10u5
From: util-linux/bsdutils@1:2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > systemd/libsystemd0@241-7~deb10u5
From: util-linux/mount@2.33.1-0.1 > util-linux@2.33.1-0.1 > systemd/libsystemd0@241-7~deb10u5
and 4 more...
✗ High severity vulnerability found in subversion/libsvn1
Description: NULL Pointer Dereference
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SUBVERSION-1071814
Introduced through: subversion@1.10.4-1+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1
From: subversion@1.10.4-1+deb10u1
Fixed in: 1.10.4-1+deb10u2
✗ High severity vulnerability found in sqlite3/libsqlite3-0
Description: CVE-2019-19603
Info: https://snyk.io/vuln/SNYK-DEBIAN10-SQLITE3-537598
Introduced through: gnupg2/gnupg@2.2.12-1+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpg@2.2.12-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1 > sqlite3/libsqlite3-0@3.27.2-3+deb10u1
✗ High severity vulnerability found in python2.7/libpython2.7-stdlib
Description: Buffer Overflow
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PYTHON27-1063178
Introduced through: mercurial@4.8.2-1+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python2.7@2.7.16-2+deb10u1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
From: mercurial@4.8.2-1+deb10u1 > python-defaults/python@2.7.16-1 > python-defaults/libpython-stdlib@2.7.16-1 > python-defaults/libpython2-stdlib@2.7.16-1 > python2.7/libpython2.7-stdlib@2.7.16-2+deb10u1
and 7 more...
✗ High severity vulnerability found in pcre2/libpcre2-8-0
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-PCRE2-548863
Introduced through: git@1:2.20.1-2+deb10u3, wget@1.20.1-1.1
From: git@1:2.20.1-2+deb10u3 > pcre2/libpcre2-8-0@10.32-5
From: wget@1.20.1-1.1 > pcre2/libpcre2-8-0@10.32-5
✗ High severity vulnerability found in p11-kit/libp11-kit0
Description: Out-of-bounds Write
Info: https://snyk.io/vuln/SNYK-DEBIAN10-P11KIT-1050833
Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
From: p11-kit@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > gnutls28/libgnutls30@3.6.7-4+deb10u5 > p11-kit/libp11-kit0@0.23.15-2
and 2 more...
Fixed in: 0.23.15-2+deb10u1
✗ High severity vulnerability found in p11-kit/libp11-kit0
Description: Integer Overflow or Wraparound
Info: https://snyk.io/vuln/SNYK-DEBIAN10-P11KIT-1050836
Introduced through: p11-kit@0.23.15-2, curl@7.64.0-4+deb10u1
From: p11-kit@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
From: p11-kit@0.23.15-2 > p11-kit/p11-kit-modules@0.23.15-2 > p11-kit/libp11-kit0@0.23.15-2
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > gnutls28/libgnutls30@3.6.7-4+deb10u5 > p11-kit/libp11-kit0@0.23.15-2
and 2 more...
Fixed in: 0.23.15-2+deb10u1
✗ High severity vulnerability found in openssl/libssl1.1
Description: Integer Overflow or Wraparound
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1075326
Introduced through: openssl/libssl1.1@1.1.1d-0+deb10u4, openssh/openssh-client@1:7.9p1-10+deb10u2, ca-certificates@20200601~deb10u1, curl@7.64.0-4+deb10u1, subversion@1.10.4-1+deb10u1, mercurial@4.8.2-1+deb10u1
From: openssl/libssl1.1@1.1.1d-0+deb10u4
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > openssl/libssl1.1@1.1.1d-0+deb10u4
From: ca-certificates@20200601~deb10u1 > openssl@1.1.1d-0+deb10u4 > openssl/libssl1.1@1.1.1d-0+deb10u4
and 6 more...
Fixed in: 1.1.1d-0+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Reachable Assertion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064721
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064724
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Integer Underflow
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064726
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Release of Invalid Pointer or Reference
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064733
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Double Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064737
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Loop with Unreachable Exit Condition ('Infinite Loop')
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064742
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: CVE-2020-36226
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064744
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Integer Underflow
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064746
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Access of Resource Using Incompatible Type ('Type Confusion')
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064752
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Reachable Assertion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1064754
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u5
✗ High severity vulnerability found in openldap/libldap-common
Description: Reachable Assertion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-OPENLDAP-1074919
Introduced through: curl@7.64.0-4+deb10u1, gnupg2/dirmngr@2.2.12-1+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4 > openldap/libldap-common@2.4.47+dfsg-3+deb10u4
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u4
and 1 more...
Fixed in: 2.4.47+dfsg-3+deb10u6
✗ High severity vulnerability found in nettle/libnettle6
Description: Use of a Broken or Risky Cryptographic Algorithm
Info: https://snyk.io/vuln/SNYK-DEBIAN10-NETTLE-1090205
Introduced through: iputils/iputils-ping@3:20180629-2+deb10u1, wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
From: iputils/iputils-ping@3:20180629-2+deb10u1 > nettle/libnettle6@3.4.1-1
From: wget@1.20.1-1.1 > nettle/libnettle6@3.4.1-1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > nettle/libnettle6@3.4.1-1
and 5 more...
✗ High severity vulnerability found in lz4/liblz4-1
Description: Out-of-bounds Write
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LZ4-1277601
Introduced through: apt@1.8.2.2, subversion@1.10.4-1+deb10u1, procps@2:3.3.15-2
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > lz4/liblz4-1@1.8.3-1
From: subversion@1.10.4-1+deb10u1 > subversion/libsvn1@1.10.4-1+deb10u1 > lz4/liblz4-1@1.8.3-1
From: procps@2:3.3.15-2 > procps/libprocps7@2:3.3.15-2 > systemd/libsystemd0@241-7~deb10u5 > lz4/liblz4-1@1.8.3-1
Fixed in: 1.8.3-1+deb10u1
✗ High severity vulnerability found in libssh2/libssh2-1
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBSSH2-452460
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > libssh2/libssh2-1@1.8.0-2.1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1 > libssh2/libssh2-1@1.8.0-2.1
✗ High severity vulnerability found in libidn2/libidn2-0
Description: Improper Input Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBIDN2-474100
Introduced through: iputils/iputils-ping@3:20180629-2+deb10u1, wget@1.20.1-1.1, curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: iputils/iputils-ping@3:20180629-2+deb10u1 > libidn2/libidn2-0@2.0.5-1+deb10u1
From: wget@1.20.1-1.1 > libidn2/libidn2-0@2.0.5-1+deb10u1
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1 > libidn2/libidn2-0@2.0.5-1+deb10u1
and 3 more...
✗ High severity vulnerability found in libgcrypt20
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBGCRYPT20-1297893
Introduced through: gnupg2/dirmngr@2.2.12-1+deb10u1, gnupg2/gnupg@2.2.12-1+deb10u1, procps@2:3.3.15-2, curl@7.64.0-4+deb10u1
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
From: gnupg2/gnupg@2.2.12-1+deb10u1 > gnupg2/gpgv@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnupg2/gpgconf@2.2.12-1+deb10u1 > libgcrypt20@1.8.4-5
and 8 more...
✗ High severity vulnerability found in libbsd/libbsd0
Description: Out-of-bounds Read
Info: https://snyk.io/vuln/SNYK-DEBIAN10-LIBBSD-541041
Introduced through: openssh/openssh-client@1:7.9p1-10+deb10u2
From: openssh/openssh-client@1:7.9p1-10+deb10u2 > libedit/libedit2@3.1-20181209-1 > libbsd/libbsd0@0.9.1-2
Fixed in: 0.9.1-2+deb10u1
✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-1085094
Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
and 3 more...
✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-1085097
Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
and 3 more...
✗ High severity vulnerability found in gnutls28/libgnutls30
Description: Out-of-bounds Write
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GNUTLS28-609778
Introduced through: apt@1.8.2.2, gnupg2/dirmngr@2.2.12-1+deb10u1, wget@1.20.1-1.1, git@1:2.20.1-2+deb10u3, curl@7.64.0-4+deb10u1
From: apt@1.8.2.2 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: gnupg2/dirmngr@2.2.12-1+deb10u1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
From: wget@1.20.1-1.1 > gnutls28/libgnutls30@3.6.7-4+deb10u5
and 3 more...
✗ High severity vulnerability found in glibc/libc-bin
Description: Reachable Assertion
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1065768
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ High severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-1296899
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ High severity vulnerability found in glibc/libc-bin
Description: Out-of-bounds Write
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559488
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ High severity vulnerability found in glibc/libc-bin
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GLIBC-559493
Introduced through: glibc/libc-bin@2.28-10, meta-common-packages@meta
From: glibc/libc-bin@2.28-10
From: meta-common-packages@meta > glibc/libc6@2.28-10
✗ High severity vulnerability found in git/git-man
Description: Link Following
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GIT-1083853
Introduced through: git@1:2.20.1-2+deb10u3
From: git@1:2.20.1-2+deb10u3 > git/git-man@1:2.20.1-2+deb10u3
From: git@1:2.20.1-2+deb10u3
✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GCC8-347558
Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.2, meta-common-packages@meta
From: gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
and 2 more...
✗ High severity vulnerability found in gcc-8/libstdc++6
Description: Insufficient Entropy
Info: https://snyk.io/vuln/SNYK-DEBIAN10-GCC8-469413
Introduced through: gcc-8/libstdc++6@8.3.0-6, apt@1.8.2.2, meta-common-packages@meta
From: gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
From: apt@1.8.2.2 > apt/libapt-pkg5.0@1.8.2.2 > gcc-8/libstdc++6@8.3.0-6
and 2 more...
✗ High severity vulnerability found in curl/libcurl4
Description: Out-of-bounds Write
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1049502
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
✗ High severity vulnerability found in curl/libcurl4
Description: Improper Certificate Validation
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-1049506
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
✗ High severity vulnerability found in curl/libcurl4
Description: Arbitrary Code Injection
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-573151
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
✗ High severity vulnerability found in curl/libcurl4
Description: Information Exposure
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-573153
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
✗ High severity vulnerability found in curl/libcurl4
Description: Use After Free
Info: https://snyk.io/vuln/SNYK-DEBIAN10-CURL-608200
Introduced through: curl@7.64.0-4+deb10u1, git@1:2.20.1-2+deb10u3
From: curl@7.64.0-4+deb10u1 > curl/libcurl4@7.64.0-4+deb10u1
From: curl@7.64.0-4+deb10u1
From: git@1:2.20.1-2+deb10u3 > curl/libcurl3-gnutls@7.64.0-4+deb10u1
Fixed in: 7.64.0-4+deb10u2
Package manager: deb
Project name: docker-image|guacamole/guacamole
Docker image: guacamole/guacamole:1.3.0
Platform: linux/amd64
Tested 179 dependencies for known vulnerabilities, found 137 vulnerabilities.
For more free scans that keep your images secure, sign up to Snyk at https://dockr.ly/3ePqVcp
tgates@MacBook-Pro ~