Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Alert #1

Open
github-actions bot opened this issue Sep 25, 2021 · 0 comments
Open

Security Alert #1

github-actions bot opened this issue Sep 25, 2021 · 0 comments
Labels
trivy vulnerability

Comments

@github-actions
Copy link

github-actions bot commented Sep 25, 2021
edited

fordockerscan (alpine 3.8.4) - Trivy Report - 2021-09-25T09:31:51.05701601Z

alpine
Package Vulnerability ID Severity Installed Version Fixed Version Links
expat CVE-2018-20843 HIGH 2.2.5-r0 2.2.7-r0 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843 https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes libexpat/libexpat#186 libexpat/libexpat#262 libexpat/libexpat@11f8838 https://linux.oracle.com/cve/CVE-2018-20843.html https://linux.oracle.com/errata/ELSA-2020-4484.html https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/ https://seclists.org/bugtraq/2019/Jun/39 https://security.gentoo.org/glsa/201911-08 https://security.netapp.com/advisory/ntap-20190703-0001/ https://support.f5.com/csp/article/K51011533 https://ubuntu.com/security/notices/USN-4040-1 https://ubuntu.com/security/notices/USN-4040-2 https://usn.ubuntu.com/4040-1/ https://usn.ubuntu.com/4040-2/ https://www.debian.org/security/2019/dsa-4472 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.tenable.com/security/tns-2021-11
expat CVE-2019-15903 HIGH 2.2.5-r0 2.2.7-r1 http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html http://seclists.org/fulldisclosure/2019/Dec/23 http://seclists.org/fulldisclosure/2019/Dec/26 http://seclists.org/fulldisclosure/2019/Dec/27 http://seclists.org/fulldisclosure/2019/Dec/30 https://access.redhat.com/errata/RHSA-2019:3210 https://access.redhat.com/errata/RHSA-2019:3237 https://access.redhat.com/errata/RHSA-2019:3756 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903 libexpat/libexpat@c20b758 libexpat/libexpat#317 libexpat/libexpat#342 libexpat/libexpat#318 https://linux.oracle.com/cve/CVE-2019-15903.html https://linux.oracle.com/errata/ELSA-2020-4484.html https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/ https://seclists.org/bugtraq/2019/Dec/17 https://seclists.org/bugtraq/2019/Dec/21 https://seclists.org/bugtraq/2019/Dec/23 https://seclists.org/bugtraq/2019/Nov/1 https://seclists.org/bugtraq/2019/Nov/24 https://seclists.org/bugtraq/2019/Oct/29 https://seclists.org/bugtraq/2019/Sep/30 https://seclists.org/bugtraq/2019/Sep/37 https://security.gentoo.org/glsa/201911-08 https://security.netapp.com/advisory/ntap-20190926-0004/ https://support.apple.com/kb/HT210785 https://support.apple.com/kb/HT210788 https://support.apple.com/kb/HT210789 https://support.apple.com/kb/HT210790 https://support.apple.com/kb/HT210793 https://support.apple.com/kb/HT210794 https://support.apple.com/kb/HT210795 https://ubuntu.com/security/notices/USN-4132-1 https://ubuntu.com/security/notices/USN-4132-2 https://ubuntu.com/security/notices/USN-4165-1 https://ubuntu.com/security/notices/USN-4202-1 https://ubuntu.com/security/notices/USN-4335-1 https://usn.ubuntu.com/4132-1/ https://usn.ubuntu.com/4132-2/ https://usn.ubuntu.com/4165-1/ https://usn.ubuntu.com/4202-1/ https://usn.ubuntu.com/4335-1/ https://www.debian.org/security/2019/dsa-4530 https://www.debian.org/security/2019/dsa-4549 https://www.debian.org/security/2019/dsa-4571 https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-15903 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.tenable.com/security/tns-2021-11
libbz2 CVE-2019-12900 CRITICAL 1.0.6-r6 1.0.6-r7 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900 https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html https://seclists.org/bugtraq/2019/Aug/4 https://seclists.org/bugtraq/2019/Jul/22 https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS https://ubuntu.com/security/notices/USN-4038-1 https://ubuntu.com/security/notices/USN-4038-2 https://ubuntu.com/security/notices/USN-4038-3 https://ubuntu.com/security/notices/USN-4038-4 https://ubuntu.com/security/notices/USN-4146-1 https://ubuntu.com/security/notices/USN-4146-2 https://usn.ubuntu.com/4038-1/ https://usn.ubuntu.com/4038-2/ https://usn.ubuntu.com/4146-1/ https://usn.ubuntu.com/4146-2/ https://www.oracle.com/security-alerts/cpuoct2020.html
libcom_err CVE-2019-5094 MEDIUM 1.44.2-r0 1.44.2-r1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5094 https://linux.oracle.com/cve/CVE-2019-5094.html https://linux.oracle.com/errata/ELSA-2020-4011.html https://lists.debian.org/debian-lts-announce/2019/09/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AKETJ6BREDUHRWQTV35SPGG5C6H7KSI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DOBCYQKCTTWXBLMUPJ5TX3FY7JNCOKY/ https://seclists.org/bugtraq/2019/Sep/58 https://security.gentoo.org/glsa/202003-05 https://security.netapp.com/advisory/ntap-20200115-0002/ https://talosintelligence.com/vulnerability_reports/TALOS-2019-0887 https://ubuntu.com/security/notices/USN-4142-1 https://ubuntu.com/security/notices/USN-4142-2 https://usn.ubuntu.com/4142-1/ https://usn.ubuntu.com/4142-2/ https://www.debian.org/security/2019/dsa-4535
libcom_err CVE-2019-5188 MEDIUM 1.44.2-r0 1.44.2-r2 http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00004.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5188 https://linux.oracle.com/cve/CVE-2019-5188.html https://linux.oracle.com/errata/ELSA-2020-4011.html https://lists.debian.org/debian-lts-announce/2020/03/msg00030.html https://lists.debian.org/debian-lts-announce/2020/07/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AKETJ6BREDUHRWQTV35SPGG5C6H7KSI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6DOBCYQKCTTWXBLMUPJ5TX3FY7JNCOKY/ https://talosintelligence.com/vulnerability_reports/TALOS-2019-0973 https://ubuntu.com/security/notices/USN-4249-1 https://usn.ubuntu.com/4249-1/
sqlite-libs CVE-2019-8457 CRITICAL 3.25.3-r0 3.25.3-r1 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00074.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://linux.oracle.com/cve/CVE-2019-8457.html https://linux.oracle.com/errata/ELSA-2020-1810.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OPKYSWCOM3CL66RI76TYVIG6TJ263RXH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJPFGA45DI4F5MCF2OAACGH3HQOF4G3M/ https://security.netapp.com/advisory/ntap-20190606-0002/ https://ubuntu.com/security/notices/USN-4004-1 https://ubuntu.com/security/notices/USN-4004-2 https://ubuntu.com/security/notices/USN-4019-1 https://ubuntu.com/security/notices/USN-4019-2 https://usn.ubuntu.com/4004-1/ https://usn.ubuntu.com/4004-2/ https://usn.ubuntu.com/4019-1/ https://usn.ubuntu.com/4019-2/ https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html https://www.sqlite.org/releaselog/3_28_0.html https://www.sqlite.org/src/info/90acdbfce9c08858
sqlite-libs CVE-2019-19244 HIGH 3.25.3-r0 3.25.3-r3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244 sqlite/sqlite@e59c562 https://ubuntu.com/security/notices/USN-4205-1 https://usn.ubuntu.com/4205-1/ https://www.oracle.com/security-alerts/cpuapr2020.html
sqlite-libs CVE-2019-16168 MEDIUM 3.25.3-r0 3.25.3-r2 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00033.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://linux.oracle.com/cve/CVE-2019-16168.html https://linux.oracle.com/errata/ELSA-2020-4442.html https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XZARJHJJDBHI7CE5PZEBXS5HKK6HXKW2/ https://security.gentoo.org/glsa/202003-16 https://security.netapp.com/advisory/ntap-20190926-0003/ https://security.netapp.com/advisory/ntap-20200122-0003/ https://ubuntu.com/security/notices/USN-4205-1 https://usn.ubuntu.com/4205-1/ https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg116312.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.sqlite.org/src/info/e4598ecbdd18bd82945f6029013296690e719a62 https://www.sqlite.org/src/timeline?c=98357d8c1263920b https://www.tenable.com/security/tns-2021-08 https://www.tenable.com/security/tns-2021-11 https://www.tenable.com/security/tns-2021-14
sqlite-libs CVE-2019-19242 MEDIUM 3.25.3-r0 3.25.3-r3 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19242 sqlite/sqlite@57f7ece https://ubuntu.com/security/notices/USN-4205-1 https://usn.ubuntu.com/4205-1/ https://www.oracle.com/security-alerts/cpuapr2020.html
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
trivy vulnerability
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
0 participants