samples/gudthing/sql-rpg

Region: eastus
Scan Summary
Critical vulnerabilities: 27
Malicious files: 0
Last scan: 1 year, 9 months ago
Type of scan: Prevasio CSPM
Scan duration: 1 minute and 48 seconds
Image Details
Image URI: prevasio.azurecr.io/samples/gudthing/sql-rpg
Image tags: v0.03
Digest: sha256:cce660fba783b29b7ac7db3e9c0032bac3ae945985bfe72faeb1f9c8484cf821
Created: 8 years ago
Compressed size: 120.41 MB
Uncompressed size: 342.9 MB
OS/architecture: linux/amd64
OS distribution: debian 8.3 (reached end of life)
Working directory:
ENTRYPOINT: /entrypoint.sh
CMD: mysqld
User:
Ports: 3306, 3306/tcp, 5001
Volumes: /var/lib/mysql
Environment variables:
MYSQL_ROOT_PASSWORD=secret
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
MYSQL_MAJOR=5.7
MYSQL_VERSION=5.7.11-1debian8
Overview
Critical: 27
High: 102
Medium: 82
Low: 12
Informational: 0
Vulnerabilities (223)
Severity Name Package Version Fixed in Description Package:version
Critical CVE-2020-10188 inetutils-ping 2:1.9.2.39.3a460-3 2:1.9.2.39.3a460-3+deb8u1 telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code inetutils-ping:2:1.9.2.39.3a460-3
Critical CVE-2019-12900 libbz2-1.0 1.0.6-7 1.0.6-7+deb8u1 bzip2: out-of-bounds write in function BZ2_decompress libbz2-1.0:1.0.6-7
Critical CVE-2017-10684 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow in fmt_entry function in dump_entry.c libncurses5:5.9+20140913-1
Critical CVE-2017-10685 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function libncurses5:5.9+20140913-1
Critical CVE-2017-10684 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow in fmt_entry function in dump_entry.c libncursesw5:5.9+20140913-1
Critical CVE-2017-10685 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function libncursesw5:5.9+20140913-1
Critical CVE-2016-1283 libpcre3 2:8.35-3.3+deb8u2 2:8.35-3.3+deb8u3 pcre: heap buffer overflow in handling of duplicate named groups (8.39/14) libpcre3:2:8.35-3.3+deb8u2
Critical CVE-2016-3191 libpcre3 2:8.35-3.3+deb8u2 2:8.35-3.3+deb8u3 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12) libpcre3:2:8.35-3.3+deb8u2
Critical CVE-2018-1126 libprocps3 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues libprocps3:2:3.3.9-9
Critical CVE-2017-10684 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow in fmt_entry function in dump_entry.c libtinfo5:5.9+20140913-1
Critical CVE-2017-10685 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function libtinfo5:5.9+20140913-1
Critical CVE-2017-10684 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow in fmt_entry function in dump_entry.c ncurses-base:5.9+20140913-1
Critical CVE-2017-10685 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function ncurses-base:5.9+20140913-1
Critical CVE-2017-10684 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow in fmt_entry function in dump_entry.c ncurses-bin:5.9+20140913-1
Critical CVE-2017-10685 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function ncurses-bin:5.9+20140913-1
Critical CVE-2017-12883 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u9 perl: Buffer over-read in regular expression parser perl:5.20.2-3+deb8u4
Critical CVE-2018-18311 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u12 perl: Integer overflow leading to buffer overflow in Perl_my_setenv() perl:5.20.2-3+deb8u4
Critical CVE-2018-6913 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u10 perl: heap buffer overflow in pp_pack.c perl:5.20.2-3+deb8u4
Critical CVE-2017-12883 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u9 perl: Buffer over-read in regular expression parser perl-base:5.20.2-3+deb8u4
Critical CVE-2018-18311 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u12 perl: Integer overflow leading to buffer overflow in Perl_my_setenv() perl-base:5.20.2-3+deb8u4
Critical CVE-2018-6913 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u10 perl: heap buffer overflow in pp_pack.c perl-base:5.20.2-3+deb8u4
Critical CVE-2017-12883 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u9 perl: Buffer over-read in regular expression parser perl-modules:5.20.2-3+deb8u4
Critical CVE-2018-18311 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u12 perl: Integer overflow leading to buffer overflow in Perl_my_setenv() perl-modules:5.20.2-3+deb8u4
Critical CVE-2018-6913 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u10 perl: heap buffer overflow in pp_pack.c perl-modules:5.20.2-3+deb8u4
Critical CVE-2018-1126 procps 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues procps:2:3.3.9-9
Critical CVE-2016-9841 zlib1g 1:1.2.8.dfsg-2 1:1.2.8.dfsg-2+deb8u1 zlib: Out-of-bounds pointer arithmetic in inffast.c zlib1g:1:1.2.8.dfsg-2
Critical CVE-2016-9843 zlib1g 1:1.2.8.dfsg-2 1:1.2.8.dfsg-2+deb8u1 zlib: Big-endian out-of-bounds pointer zlib1g:1:1.2.8.dfsg-2
High CVE-2019-3462 apt 1.0.9.8.2 1.0.9.8.5 Incorrect sanitation of the 302 redirect field in HTTP transport metho ... apt:1.0.9.8.2
High CVE-2016-7543 bash 4.3-11 4.3-11+deb8u1 bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution bash:4.3-11
High CVE-2019-9924 bash 4.3-11 4.3-11+deb8u2 bash: BASH_CMD is writable in restricted bash shells bash:4.3-11
High CVE-2018-12020 gnupg 1.4.18-7 1.4.18-7+deb8u5 gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification gnupg:1.4.18-7
High CVE-2018-12020 gpgv 1.4.18-7 1.4.18-7+deb8u5 gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification gpgv:1.4.18-7
High CVE-2019-3462 libapt-pkg4.12 1.0.9.8.2 1.0.9.8.5 Incorrect sanitation of the 302 redirect field in HTTP transport metho ... libapt-pkg4.12:1.0.9.8.2
High CVE-2016-1234 libc-bin 2.19-18+deb8u3 2.19-18+deb8u5 glibc: Stack-based buffer overflow in glob with GLOB_ALTDIRFUNC and crafted directory libc-bin:2.19-18+deb8u3
High CVE-2016-3075 libc-bin 2.19-18+deb8u3 2.19-18+deb8u5 glibc: Stack overflow in nss_dns_getnetbyname_r libc-bin:2.19-18+deb8u3
High CVE-2016-3706 libc-bin 2.19-18+deb8u3 2.19-18+deb8u5 glibc: stack (frame) overflow in getaddrinfo() when called with AF_INET, AF_INET6 (incomplete fix for CVE-2013-4458) libc-bin:2.19-18+deb8u3
High CVE-2016-6323 libc-bin 2.19-18+deb8u3 2.19-18+deb8u6 glibc: Missing unwind info in __startcontext causes infinite loop in _Unwind_Backtrace libc-bin:2.19-18+deb8u3
High CVE-2017-1000366 libc-bin 2.19-18+deb8u3 2.19-18+deb8u10 glibc: heap/stack gap jumping via unbounded stack allocations libc-bin:2.19-18+deb8u3
High CVE-2016-1234 libc6 2.19-18+deb8u3 2.19-18+deb8u5 glibc: Stack-based buffer overflow in glob with GLOB_ALTDIRFUNC and crafted directory libc6:2.19-18+deb8u3
High CVE-2016-3075 libc6 2.19-18+deb8u3 2.19-18+deb8u5 glibc: Stack overflow in nss_dns_getnetbyname_r libc6:2.19-18+deb8u3
High CVE-2016-3706 libc6 2.19-18+deb8u3 2.19-18+deb8u5 glibc: stack (frame) overflow in getaddrinfo() when called with AF_INET, AF_INET6 (incomplete fix for CVE-2013-4458) libc6:2.19-18+deb8u3
High CVE-2016-6323 libc6 2.19-18+deb8u3 2.19-18+deb8u6 glibc: Missing unwind info in __startcontext causes infinite loop in _Unwind_Backtrace libc6:2.19-18+deb8u3
High CVE-2017-1000366 libc6 2.19-18+deb8u3 2.19-18+deb8u10 glibc: heap/stack gap jumping via unbounded stack allocations libc6:2.19-18+deb8u3
High CVE-2017-10140 libdb5.3 5.3.28-9 5.3.28-9+deb8u1 libdb: Reads DB_CONFIG from the current working directory libdb5.3:5.3.28-9
High CVE-2017-11112 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in append_acs function libncurses5:5.9+20140913-1
High CVE-2017-11113 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference vulnerability in _nc_parse_entry function libncurses5:5.9+20140913-1
High CVE-2017-13728 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Infinite loop in the next_char function libncurses5:5.9+20140913-1
High CVE-2017-16879 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u3 ncurses: Stack-based buffer overflow in the _nc_write_entry function libncurses5:5.9+20140913-1
High CVE-2017-11112 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in append_acs function libncursesw5:5.9+20140913-1
High CVE-2017-11113 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference vulnerability in _nc_parse_entry function libncursesw5:5.9+20140913-1
High CVE-2017-13728 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Infinite loop in the next_char function libncursesw5:5.9+20140913-1
High CVE-2017-16879 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u3 ncurses: Stack-based buffer overflow in the _nc_write_entry function libncursesw5:5.9+20140913-1
High CVE-2014-9769 libpcre3 2:8.35-3.3+deb8u2 2:8.35-3.3+deb8u4 pcre: incorrect nested table jumps when JIT is used (8.36/6) libpcre3:2:8.35-3.3+deb8u2
High CVE-2018-1122 libprocps3 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: Local privilege escalation in top libprocps3:2:3.3.9-9
High CVE-2018-1123 libprocps3 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: denial of service in ps via mmap buffer overflow libprocps3:2:3.3.9-9
High CVE-2018-1124 libprocps3 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: Integer overflows leading to heap overflow in file2strvec libprocps3:2:3.3.9-9
High CVE-2018-1125 libprocps3 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: stack buffer overflow in pgrep libprocps3:2:3.3.9-9
High CVE-2017-18078 libsystemd0 215-17+deb8u3 215-17+deb8u12 systemd: Unsafe handling of hard links allowing privilege escalation libsystemd0:215-17+deb8u3
High CVE-2018-15686 libsystemd0 215-17+deb8u3 215-17+deb8u8 systemd: line splitting via fgets() allows for state injection during daemon-reexec libsystemd0:215-17+deb8u3
High CVE-2018-15688 libsystemd0 215-17+deb8u3 215-17+deb8u8 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling libsystemd0:215-17+deb8u3
High CVE-2018-16864 libsystemd0 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when calling syslog from a command with long cmdline libsystemd0:215-17+deb8u3
High CVE-2018-16865 libsystemd0 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when receiving many journald entries libsystemd0:215-17+deb8u3
High CVE-2019-3842 libsystemd0 215-17+deb8u3 215-17+deb8u12 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" libsystemd0:215-17+deb8u3
High CVE-2017-11112 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in append_acs function libtinfo5:5.9+20140913-1
High CVE-2017-11113 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference vulnerability in _nc_parse_entry function libtinfo5:5.9+20140913-1
High CVE-2017-13728 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Infinite loop in the next_char function libtinfo5:5.9+20140913-1
High CVE-2017-16879 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u3 ncurses: Stack-based buffer overflow in the _nc_write_entry function libtinfo5:5.9+20140913-1
High CVE-2017-18078 libudev1 215-17+deb8u3 215-17+deb8u12 systemd: Unsafe handling of hard links allowing privilege escalation libudev1:215-17+deb8u3
High CVE-2018-15686 libudev1 215-17+deb8u3 215-17+deb8u8 systemd: line splitting via fgets() allows for state injection during daemon-reexec libudev1:215-17+deb8u3
High CVE-2018-15688 libudev1 215-17+deb8u3 215-17+deb8u8 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling libudev1:215-17+deb8u3
High CVE-2018-16864 libudev1 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when calling syslog from a command with long cmdline libudev1:215-17+deb8u3
High CVE-2018-16865 libudev1 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when receiving many journald entries libudev1:215-17+deb8u3
High CVE-2019-3842 libudev1 215-17+deb8u3 215-17+deb8u12 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" libudev1:215-17+deb8u3
High CVE-2016-6252 login 1:4.2-3+deb8u1 1:4.2-3+deb8u3 shadow-utils: Incorrect integer handling results in LPE login:1:4.2-3+deb8u1
High CVE-2016-1234 multiarch-support 2.19-18+deb8u3 2.19-18+deb8u5 glibc: Stack-based buffer overflow in glob with GLOB_ALTDIRFUNC and crafted directory multiarch-support:2.19-18+deb8u3
High CVE-2016-3075 multiarch-support 2.19-18+deb8u3 2.19-18+deb8u5 glibc: Stack overflow in nss_dns_getnetbyname_r multiarch-support:2.19-18+deb8u3
High CVE-2016-3706 multiarch-support 2.19-18+deb8u3 2.19-18+deb8u5 glibc: stack (frame) overflow in getaddrinfo() when called with AF_INET, AF_INET6 (incomplete fix for CVE-2013-4458) multiarch-support:2.19-18+deb8u3
High CVE-2016-6323 multiarch-support 2.19-18+deb8u3 2.19-18+deb8u6 glibc: Missing unwind info in __startcontext causes infinite loop in _Unwind_Backtrace multiarch-support:2.19-18+deb8u3
High CVE-2017-1000366 multiarch-support 2.19-18+deb8u3 2.19-18+deb8u10 glibc: heap/stack gap jumping via unbounded stack allocations multiarch-support:2.19-18+deb8u3
High CVE-2017-11112 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in append_acs function ncurses-base:5.9+20140913-1
High CVE-2017-11113 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference vulnerability in _nc_parse_entry function ncurses-base:5.9+20140913-1
High CVE-2017-13728 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Infinite loop in the next_char function ncurses-base:5.9+20140913-1
High CVE-2017-16879 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u3 ncurses: Stack-based buffer overflow in the _nc_write_entry function ncurses-base:5.9+20140913-1
High CVE-2017-11112 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in append_acs function ncurses-bin:5.9+20140913-1
High CVE-2017-11113 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference vulnerability in _nc_parse_entry function ncurses-bin:5.9+20140913-1
High CVE-2017-13728 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Infinite loop in the next_char function ncurses-bin:5.9+20140913-1
High CVE-2017-16879 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u3 ncurses: Stack-based buffer overflow in the _nc_write_entry function ncurses-bin:5.9+20140913-1
High CVE-2016-6252 passwd 1:4.2-3+deb8u1 1:4.2-3+deb8u3 shadow-utils: Incorrect integer handling results in LPE passwd:1:4.2-3+deb8u1
High CVE-2015-8853 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u5 perl: regexp matching hangs indefinitely on illegal UTF-8 input perl:5.20.2-3+deb8u4
High CVE-2016-1238 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u6 perl: loading of modules from current directory perl:5.20.2-3+deb8u4
High CVE-2016-6185 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u6 perl: XSLoader loads relative paths not included in @INC perl:5.20.2-3+deb8u4
High CVE-2017-12837 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u9 perl: Heap buffer overflow in regular expression compiler perl:5.20.2-3+deb8u4
High CVE-2018-12015 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u11 perl: Directory traversal in Archive::Tar perl:5.20.2-3+deb8u4
High CVE-2015-8853 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u5 perl: regexp matching hangs indefinitely on illegal UTF-8 input perl-base:5.20.2-3+deb8u4
High CVE-2016-1238 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u6 perl: loading of modules from current directory perl-base:5.20.2-3+deb8u4
High CVE-2016-6185 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u6 perl: XSLoader loads relative paths not included in @INC perl-base:5.20.2-3+deb8u4
High CVE-2017-12837 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u9 perl: Heap buffer overflow in regular expression compiler perl-base:5.20.2-3+deb8u4
High CVE-2018-12015 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u11 perl: Directory traversal in Archive::Tar perl-base:5.20.2-3+deb8u4
High CVE-2015-8853 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u5 perl: regexp matching hangs indefinitely on illegal UTF-8 input perl-modules:5.20.2-3+deb8u4
High CVE-2016-1238 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u6 perl: loading of modules from current directory perl-modules:5.20.2-3+deb8u4
High CVE-2016-6185 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u6 perl: XSLoader loads relative paths not included in @INC perl-modules:5.20.2-3+deb8u4
High CVE-2017-12837 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u9 perl: Heap buffer overflow in regular expression compiler perl-modules:5.20.2-3+deb8u4
High CVE-2018-12015 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u11 perl: Directory traversal in Archive::Tar perl-modules:5.20.2-3+deb8u4
High CVE-2018-1122 procps 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: Local privilege escalation in top procps:2:3.3.9-9
High CVE-2018-1123 procps 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: denial of service in ps via mmap buffer overflow procps:2:3.3.9-9
High CVE-2018-1124 procps 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: Integer overflows leading to heap overflow in file2strvec procps:2:3.3.9-9
High CVE-2018-1125 procps 2:3.3.9-9 2:3.3.9-9+deb8u1 procps-ng, procps: stack buffer overflow in pgrep procps:2:3.3.9-9
High CVE-2017-17512 sensible-utils 0.0.9 0.0.9+deb8u1 sensible-browser in sensible-utils before 0.0.11 does not validate str ... sensible-utils:0.0.9
High CVE-2017-18078 systemd 215-17+deb8u3 215-17+deb8u12 systemd: Unsafe handling of hard links allowing privilege escalation systemd:215-17+deb8u3
High CVE-2018-15686 systemd 215-17+deb8u3 215-17+deb8u8 systemd: line splitting via fgets() allows for state injection during daemon-reexec systemd:215-17+deb8u3
High CVE-2018-15688 systemd 215-17+deb8u3 215-17+deb8u8 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling systemd:215-17+deb8u3
High CVE-2018-16864 systemd 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when calling syslog from a command with long cmdline systemd:215-17+deb8u3
High CVE-2018-16865 systemd 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when receiving many journald entries systemd:215-17+deb8u3
High CVE-2019-3842 systemd 215-17+deb8u3 215-17+deb8u12 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" systemd:215-17+deb8u3
High CVE-2017-18078 systemd-sysv 215-17+deb8u3 215-17+deb8u12 systemd: Unsafe handling of hard links allowing privilege escalation systemd-sysv:215-17+deb8u3
High CVE-2018-15686 systemd-sysv 215-17+deb8u3 215-17+deb8u8 systemd: line splitting via fgets() allows for state injection during daemon-reexec systemd-sysv:215-17+deb8u3
High CVE-2018-15688 systemd-sysv 215-17+deb8u3 215-17+deb8u8 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling systemd-sysv:215-17+deb8u3
High CVE-2018-16864 systemd-sysv 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when calling syslog from a command with long cmdline systemd-sysv:215-17+deb8u3
High CVE-2018-16865 systemd-sysv 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when receiving many journald entries systemd-sysv:215-17+deb8u3
High CVE-2019-3842 systemd-sysv 215-17+deb8u3 215-17+deb8u12 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" systemd-sysv:215-17+deb8u3
High CVE-2016-6321 tar 1.27.1-2 1.27.1-2+deb8u1 tar: Bypassing the extract path name tar:1.27.1-2
High CVE-2017-18078 udev 215-17+deb8u3 215-17+deb8u12 systemd: Unsafe handling of hard links allowing privilege escalation udev:215-17+deb8u3
High CVE-2018-15686 udev 215-17+deb8u3 215-17+deb8u8 systemd: line splitting via fgets() allows for state injection during daemon-reexec udev:215-17+deb8u3
High CVE-2018-15688 udev 215-17+deb8u3 215-17+deb8u8 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling udev:215-17+deb8u3
High CVE-2018-16864 udev 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when calling syslog from a command with long cmdline udev:215-17+deb8u3
High CVE-2018-16865 udev 215-17+deb8u3 215-17+deb8u9 systemd: stack overflow when receiving many journald entries udev:215-17+deb8u3
High CVE-2019-3842 udev 215-17+deb8u3 215-17+deb8u12 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any" udev:215-17+deb8u3
High CVE-2016-9840 zlib1g 1:1.2.8.dfsg-2 1:1.2.8.dfsg-2+deb8u1 zlib: Out-of-bounds pointer arithmetic in inftrees.c zlib1g:1:1.2.8.dfsg-2
High CVE-2016-9842 zlib1g 1:1.2.8.dfsg-2 1:1.2.8.dfsg-2+deb8u1 zlib: Undefined left shift of negative number zlib1g:1:1.2.8.dfsg-2
Medium CVE-2016-1252 apt 1.0.9.8.2 1.0.9.8.4 The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable ... apt:1.0.9.8.2
Medium CVE-2020-3810 apt 1.0.9.8.2 1.0.9.8.6 Missing input validation in the ar/tar implementations of APT before v ... apt:1.0.9.8.2
Medium CVE-2016-9401 bash 4.3-11 4.3-11+deb8u2 bash: popd controlled free bash:4.3-11
Medium CVE-2019-5094 e2fslibs 1.42.12-1.1 1.42.12-2+deb8u1 e2fsprogs: Crafted ext4 partition leads to out-of-bounds write e2fslibs:1.42.12-1.1
Medium CVE-2019-5188 e2fslibs 1.42.12-1.1 1.42.12-2+deb8u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c e2fslibs:1.42.12-1.1
Medium CVE-2019-5094 e2fsprogs 1.42.12-1.1 1.42.12-2+deb8u1 e2fsprogs: Crafted ext4 partition leads to out-of-bounds write e2fsprogs:1.42.12-1.1
Medium CVE-2019-5188 e2fsprogs 1.42.12-1.1 1.42.12-2+deb8u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c e2fsprogs:1.42.12-1.1
Medium CVE-2016-6313 gnupg 1.4.18-7 1.4.18-7+deb8u2 libgcrypt: PRNG output is predictable gnupg:1.4.18-7
Medium CVE-2017-7526 gnupg 1.4.18-7 1.4.18-7+deb8u4 libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery gnupg:1.4.18-7
Medium CVE-2016-6313 gpgv 1.4.18-7 1.4.18-7+deb8u2 libgcrypt: PRNG output is predictable gpgv:1.4.18-7
Medium CVE-2017-7526 gpgv 1.4.18-7 1.4.18-7+deb8u4 libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery gpgv:1.4.18-7
Medium CVE-2016-1252 libapt-pkg4.12 1.0.9.8.2 1.0.9.8.4 The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable ... libapt-pkg4.12:1.0.9.8.2
Medium CVE-2020-3810 libapt-pkg4.12 1.0.9.8.2 1.0.9.8.6 Missing input validation in the ar/tar implementations of APT before v ... libapt-pkg4.12:1.0.9.8.2
Medium CVE-2016-3189 libbz2-1.0 1.0.6-7 1.0.6-7+deb8u1 bzip2: heap use after free in bzip2recover libbz2-1.0:1.0.6-7
Medium CVE-2016-4429 libc-bin 2.19-18+deb8u3 2.19-18+deb8u5 glibc: libtirpc: stack (frame) overflow in Sun RPC clntudp_call() libc-bin:2.19-18+deb8u3
Medium CVE-2016-4429 libc6 2.19-18+deb8u3 2.19-18+deb8u5 glibc: libtirpc: stack (frame) overflow in Sun RPC clntudp_call() libc6:2.19-18+deb8u3
Medium CVE-2019-5094 libcomerr2 1.42.12-1.1 1.42.12-2+deb8u1 e2fsprogs: Crafted ext4 partition leads to out-of-bounds write libcomerr2:1.42.12-1.1
Medium CVE-2019-5188 libcomerr2 1.42.12-1.1 1.42.12-2+deb8u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c libcomerr2:1.42.12-1.1
Medium CVE-2016-6313 libgcrypt20 1.6.3-2+deb8u1 1.6.3-2+deb8u2 libgcrypt: PRNG output is predictable libgcrypt20:1.6.3-2+deb8u1
Medium CVE-2017-7526 libgcrypt20 1.6.3-2+deb8u1 1.6.3-2+deb8u4 libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery libgcrypt20:1.6.3-2+deb8u1
Medium CVE-2017-9526 libgcrypt20 1.6.3-2+deb8u1 1.6.3-2+deb8u3 libgcrypt: Possible timing attack on EdDSA session key libgcrypt20:1.6.3-2+deb8u1
Medium CVE-2018-0495 libgcrypt20 1.6.3-2+deb8u1 1.6.3-2+deb8u5 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries libgcrypt20:1.6.3-2+deb8u1
Medium CVE-2019-13627 libgcrypt20 1.6.3-2+deb8u1 1.6.3-2+deb8u8 libgcrypt: ECDSA timing attack allowing private key leak libgcrypt20:1.6.3-2+deb8u1
Medium CVE-2017-13729 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the _nc_save_str function libncurses5:5.9+20140913-1
Medium CVE-2017-13730 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_read_entry_source() libncurses5:5.9+20140913-1
Medium CVE-2017-13731 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function postprocess_termcap() libncurses5:5.9+20140913-1
Medium CVE-2017-13732 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function dump_uses() libncurses5:5.9+20140913-1
Medium CVE-2017-13733 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function fmt_entry libncurses5:5.9+20140913-1
Medium CVE-2017-13734 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_safe_strcat libncurses5:5.9+20140913-1
Medium CVE-2018-19217 libncurses5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference at function _nc_name_match libncurses5:5.9+20140913-1
Medium CVE-2017-13729 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the _nc_save_str function libncursesw5:5.9+20140913-1
Medium CVE-2017-13730 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_read_entry_source() libncursesw5:5.9+20140913-1
Medium CVE-2017-13731 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function postprocess_termcap() libncursesw5:5.9+20140913-1
Medium CVE-2017-13732 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function dump_uses() libncursesw5:5.9+20140913-1
Medium CVE-2017-13733 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function fmt_entry libncursesw5:5.9+20140913-1
Medium CVE-2017-13734 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_safe_strcat libncursesw5:5.9+20140913-1
Medium CVE-2018-19217 libncursesw5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference at function _nc_name_match libncursesw5:5.9+20140913-1
Medium CVE-2019-5094 libss2 1.42.12-1.1 1.42.12-2+deb8u1 e2fsprogs: Crafted ext4 partition leads to out-of-bounds write libss2:1.42.12-1.1
Medium CVE-2019-5188 libss2 1.42.12-1.1 1.42.12-2+deb8u2 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c libss2:1.42.12-1.1
Medium CVE-2016-7796 libsystemd0 215-17+deb8u3 215-17+deb8u6 systemd: freeze when PID 1 receives a zero-length message over notify socket libsystemd0:215-17+deb8u3
Medium CVE-2018-1049 libsystemd0 215-17+deb8u3 215-17+deb8u8 systemd: automount: access to automounted volumes can lock up libsystemd0:215-17+deb8u3
Medium CVE-2019-6454 libsystemd0 215-17+deb8u3 215-17+deb8u10 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash libsystemd0:215-17+deb8u3
Medium CVE-2017-13729 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the _nc_save_str function libtinfo5:5.9+20140913-1
Medium CVE-2017-13730 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_read_entry_source() libtinfo5:5.9+20140913-1
Medium CVE-2017-13731 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function postprocess_termcap() libtinfo5:5.9+20140913-1
Medium CVE-2017-13732 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function dump_uses() libtinfo5:5.9+20140913-1
Medium CVE-2017-13733 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function fmt_entry libtinfo5:5.9+20140913-1
Medium CVE-2017-13734 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_safe_strcat libtinfo5:5.9+20140913-1
Medium CVE-2018-19217 libtinfo5 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference at function _nc_name_match libtinfo5:5.9+20140913-1
Medium CVE-2016-7796 libudev1 215-17+deb8u3 215-17+deb8u6 systemd: freeze when PID 1 receives a zero-length message over notify socket libudev1:215-17+deb8u3
Medium CVE-2018-1049 libudev1 215-17+deb8u3 215-17+deb8u8 systemd: automount: access to automounted volumes can lock up libudev1:215-17+deb8u3
Medium CVE-2019-6454 libudev1 215-17+deb8u3 215-17+deb8u10 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash libudev1:215-17+deb8u3
Medium CVE-2017-2616 login 1:4.2-3+deb8u1 1:4.2-3+deb8u3 util-linux: Sending SIGKILL to other processes with root privileges via su login:1:4.2-3+deb8u1
Medium CVE-2016-4429 multiarch-support 2.19-18+deb8u3 2.19-18+deb8u5 glibc: libtirpc: stack (frame) overflow in Sun RPC clntudp_call() multiarch-support:2.19-18+deb8u3
Medium CVE-2017-13729 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the _nc_save_str function ncurses-base:5.9+20140913-1
Medium CVE-2017-13730 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_read_entry_source() ncurses-base:5.9+20140913-1
Medium CVE-2017-13731 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function postprocess_termcap() ncurses-base:5.9+20140913-1
Medium CVE-2017-13732 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function dump_uses() ncurses-base:5.9+20140913-1
Medium CVE-2017-13733 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function fmt_entry ncurses-base:5.9+20140913-1
Medium CVE-2017-13734 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_safe_strcat ncurses-base:5.9+20140913-1
Medium CVE-2018-19217 ncurses-base 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference at function _nc_name_match ncurses-base:5.9+20140913-1
Medium CVE-2017-13729 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the _nc_save_str function ncurses-bin:5.9+20140913-1
Medium CVE-2017-13730 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_read_entry_source() ncurses-bin:5.9+20140913-1
Medium CVE-2017-13731 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function postprocess_termcap() ncurses-bin:5.9+20140913-1
Medium CVE-2017-13732 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function dump_uses() ncurses-bin:5.9+20140913-1
Medium CVE-2017-13733 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function fmt_entry ncurses-bin:5.9+20140913-1
Medium CVE-2017-13734 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Illegal address access in the function _nc_safe_strcat ncurses-bin:5.9+20140913-1
Medium CVE-2018-19217 ncurses-bin 5.9+20140913-1 5.9+20140913-1+deb8u1 ncurses: Null pointer dereference at function _nc_name_match ncurses-bin:5.9+20140913-1
Medium CVE-2017-2616 passwd 1:4.2-3+deb8u1 1:4.2-3+deb8u3 util-linux: Sending SIGKILL to other processes with root privileges via su passwd:1:4.2-3+deb8u1
Medium CVE-2017-6512 perl 5.20.2-3+deb8u4 5.20.2-3+deb8u7 perl-File-Path: rmtree/remove_tree race condition perl:5.20.2-3+deb8u4
Medium CVE-2017-6512 perl-base 5.20.2-3+deb8u4 5.20.2-3+deb8u7 perl-File-Path: rmtree/remove_tree race condition perl-base:5.20.2-3+deb8u4
Medium CVE-2017-6512 perl-modules 5.20.2-3+deb8u4 5.20.2-3+deb8u7 perl-File-Path: rmtree/remove_tree race condition perl-modules:5.20.2-3+deb8u4
Medium CVE-2016-7796 systemd 215-17+deb8u3 215-17+deb8u6 systemd: freeze when PID 1 receives a zero-length message over notify socket systemd:215-17+deb8u3
Medium CVE-2018-1049 systemd 215-17+deb8u3 215-17+deb8u8 systemd: automount: access to automounted volumes can lock up systemd:215-17+deb8u3
Medium CVE-2019-6454 systemd 215-17+deb8u3 215-17+deb8u10 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash systemd:215-17+deb8u3
Medium CVE-2016-7796 systemd-sysv 215-17+deb8u3 215-17+deb8u6 systemd: freeze when PID 1 receives a zero-length message over notify socket systemd-sysv:215-17+deb8u3
Medium CVE-2018-1049 systemd-sysv 215-17+deb8u3 215-17+deb8u8 systemd: automount: access to automounted volumes can lock up systemd-sysv:215-17+deb8u3
Medium CVE-2019-6454 systemd-sysv 215-17+deb8u3 215-17+deb8u10 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash systemd-sysv:215-17+deb8u3
Medium CVE-2018-20482 tar 1.27.1-2 1.27.1-2+deb8u2 tar: Infinite read loop in sparse_dump_region function in sparse.c tar:1.27.1-2
Medium CVE-2016-7796 udev 215-17+deb8u3 215-17+deb8u6 systemd: freeze when PID 1 receives a zero-length message over notify socket udev:215-17+deb8u3
Medium CVE-2018-1049 udev 215-17+deb8u3 215-17+deb8u8 systemd: automount: access to automounted volumes can lock up udev:215-17+deb8u3
Medium CVE-2019-6454 udev 215-17+deb8u3 215-17+deb8u10 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash udev:215-17+deb8u3
Low CVE-2016-0634 bash 4.3-114.3-11+deb8u1bash: Arbitrary code execution via malicious hostname bash:4.3-11
Low CVE-2013-2207 libc-bin 2.19-18+deb8u32.19-18+deb8u4glibc (pt_chown): Improper pseudotty ownership and permissions changes when granting access to the slave pseudoterminal libc-bin:2.19-18+deb8u3
Low CVE-2016-2856 libc-bin 2.19-18+deb8u32.19-18+deb8u4pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ... libc-bin:2.19-18+deb8u3
Low CVE-2013-2207 libc6 2.19-18+deb8u32.19-18+deb8u4glibc (pt_chown): Improper pseudotty ownership and permissions changes when granting access to the slave pseudoterminal libc6:2.19-18+deb8u3
Low CVE-2016-2856 libc6 2.19-18+deb8u32.19-18+deb8u4pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ... libc6:2.19-18+deb8u3
Low CVE-2019-3815 libsystemd0 215-17+deb8u3215-17+deb8u11systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 libsystemd0:215-17+deb8u3
Low CVE-2019-3815 libudev1 215-17+deb8u3215-17+deb8u11systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 libudev1:215-17+deb8u3
Low CVE-2013-2207 multiarch-support 2.19-18+deb8u32.19-18+deb8u4glibc (pt_chown): Improper pseudotty ownership and permissions changes when granting access to the slave pseudoterminal multiarch-support:2.19-18+deb8u3
Low CVE-2016-2856 multiarch-support 2.19-18+deb8u32.19-18+deb8u4pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; ... multiarch-support:2.19-18+deb8u3
Low CVE-2019-3815 systemd 215-17+deb8u3215-17+deb8u11systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 systemd:215-17+deb8u3
Low CVE-2019-3815 systemd-sysv 215-17+deb8u3215-17+deb8u11systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 systemd-sysv:215-17+deb8u3
Low CVE-2019-3815 udev 215-17+deb8u3215-17+deb8u11systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 udev:215-17+deb8u3

Command

ADD file:b5391cb13172fb513dbfca0b8471ea02bffa913ffdab94ad864d892d129318c6 in /
Vulnerable packages, installed in this layer 8 years ago
inetutils-ping 2:1.9.2.39.3a460-3 libbz2-1.0 1.0.6-7 libncurses5 5.9+20140913-1 libncursesw5 5.9+20140913-1 libpcre3 2:8.35-3.3+deb8u2 libprocps3 2:3.3.9-9 libtinfo5 5.9+20140913-1 ncurses-base 5.9+20140913-1 ncurses-bin 5.9+20140913-1 perl-base 5.20.2-3+deb8u4 procps 2:3.3.9-9 zlib1g 1:1.2.8.dfsg-2 apt 1.0.9.8.2 bash 4.3-11 gnupg 1.4.18-7 gpgv 1.4.18-7 libapt-pkg4.12 1.0.9.8.2 libc-bin 2.19-18+deb8u3 libc6 2.19-18+deb8u3 libdb5.3 5.3.28-9

Command

CMD ["/bin/bash"]

Command

RUN groupadd -r mysql &&
    useradd -r -g mysql mysql

Command

RUN mkdir /docker-entrypoint-initdb.d

Command

RUN apt-get update &&
    apt-get install -y perl pwgen --no-install-recommends &&
    rm -rf /var/lib/apt/lists/*
Vulnerable packages, installed in this layer 8 years ago
perl 5.20.2-3+deb8u4 perl-modules 5.20.2-3+deb8u4

Command

RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys A4A9406876FCBD3C456770C88C718D3B5072E1F5

Command

ENV MYSQL_MAJOR=5.7

Command

ENV MYSQL_VERSION=5.7.11-1debian8

Command

RUN echo "deb http://repo.mysql.com/apt/debian/ jessie mysql-${MYSQL_MAJOR}" > /etc/apt/sources.list.d/mysql.list

Command

RUN { echo mysql-community-server mysql-community-server/data-dir select ''; echo mysql-community-server mysql-community-server/root-pass password ''; echo mysql-community-server mysql-community-server/re... &&
    apt-get update &&
    apt-get install -y mysql-server="${MYSQL_VERSION}" &&
    rm -rf /var/lib/apt/lists/* &&
    rm -rf /var/lib/mysql &&
    mkdir -p /var/lib/mysql

Command

RUN sed -Ei 's/^(bind-address|log)/#&/' /etc/mysql/my.cnf &&
    echo 'skip-host-cache\nskip-name-resolve' | awk '{ print } $1 == "[mysqld]" && c == 0 { c = 1; system("cat") }' /etc/mysql/my.cnf > /tmp/my.cnf &&
    mv /tmp/my.cnf /etc/mysql/my.cnf

Command

VOLUME [/var/lib/mysql]

Command

COPY file:3c9ca97ea611fabfb41989e386939c847f7289257817dbc65e813a399a39224d in /entrypoint.sh

Command

ENTRYPOINT &{["/entrypoint.sh"]}

Command

EXPOSE 3306/tcp

Command

CMD ["mysqld"]

Command

RUN mysqld

Command

RUN mysqld
Dynamic Analysis Results
The following graph outlines the most important system events generated by the container:
The container produces the following text output:
user@host: ~