Scan Summary
Assets scanned
90
Issues found
205
Malicious containers
2
Last scan

(an hour ago)
Current status
Last scan: Ok
AlgoSec Best Practices
Compliance status: No issues
CIS Azure v1.5.0
Compliance status: 44 issues
PCI DSS v4.0
Compliance status: 30 issues
HIPAA
Compliance status: 36 issues
Container Images
Among 5 analyzed container images, the following were found to be vulnerable:
glibc: memory corruption in memcpy-sse2-unaligned.S
openssl: c_rehash script allows command injection
perl: Heap-based buffer overflow in S_handle_regex_sets()
perl: Heap-based buffer overflow in S_regatom()
ncurses: Stack-based buffer overflow in fmt_entry function in dump_entry.c
Incorrect sanitation of the 302 redirect field in HTTP transport metho ...
systemd: line splitting via fgets() allows for state injection during daemon-reexec
systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling
systemd: stack overflow when calling syslog from a command with long cmdline
systemd: stack overflow when receiving many journald entries
python: Missing salt initialization in _elementtree.c module
python: Command injection in the shutil module
e2fsprogs: Crafted ext4 partition leads to out-of-bounds write
e2fsprogs: Out-of-bounds write in e2fsck/rehash.c
systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"
Latest malicious container images:
Repository Image tag Malware
prevasio.azurecr.io/samples/82zge/zagit tag1 Multios.Coinminer.Miner-6781728-2
prevasio.azurecr.io/021982/xmrig2 xmrig2, xmrig3 Multios.Coinminer.Miner-6781728-2
Top malware detections:
Malware Malicious files
Multios.Coinminer.Miner-6781728-2 2
Top ports found to be exposed by containers:
Top networking services that match the ports exposed by containers: