Security issues #500

TheoMarque · 2021-12-16T17:55:33Z

TheoMarque
Dec 16, 2021

After log4j pandemic i start scanning my docker images and found that:


Testing mbround18/valheim...

✗ Low severity vulnerability found in xorg/x11-common
  Description: Link Following
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-XORG-576651
  Introduced through: libsdl2/[email protected]+dfsg1-3
  From: libsdl2/[email protected]+dfsg1-3 > libxss/libxss1@1:1.2.3-1 > xorg/x11-common@1:7.7+19ubuntu14
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in xdg-user-dirs
  Description: Improper Access Control
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-XDGUSERDIRS-578697
  Introduced through: [email protected]
  From: [email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in sqlite3/libsqlite3-0
  Description: CVE-2020-9991
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-SQLITE3-1070680
  Introduced through: [email protected]~20.04, [email protected]
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1 > sqlite3/[email protected]
  From: [email protected] > curl/[email protected] > openldap/[email protected]+dfsg-2ubuntu1.8 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > sqlite3/[email protected]
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in sqlite3/libsqlite3-0
  Description: Information Exposure
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-SQLITE3-1070691
  Introduced through: [email protected]~20.04, [email protected]
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1 > sqlite3/[email protected]
  From: [email protected] > curl/[email protected] > openldap/[email protected]+dfsg-2ubuntu1.8 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > sqlite3/[email protected]
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in shadow/passwd
  Description: Time-of-check Time-of-use (TOCTOU)
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-SHADOW-577863
  Introduced through: shadow/passwd@1:4.8.1-1ubuntu5.20.04.1, [email protected], shadow/login@1:4.8.1-1ubuntu5.20.04.1, util-linux/[email protected]
  From: shadow/passwd@1:4.8.1-1ubuntu5.20.04.1
  From: [email protected] > shadow/passwd@1:4.8.1-1ubuntu5.20.04.1
  From: shadow/login@1:4.8.1-1ubuntu5.20.04.1
  and 1 more...
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in python3.8/libpython3.8-minimal
  Description: HTTP Request Smuggling
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-PYTHON38-1075582
  Introduced through: [email protected]~20.04
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in pcre3/libpcre3
  Description: Uncontrolled Recursion
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-PCRE3-580031
  Introduced through: pcre3/libpcre3@2:8.39-12build1, [email protected], [email protected]~20.04
  From: pcre3/libpcre3@2:8.39-12build1
  From: [email protected] > pcre3/libpcre3@2:8.39-12build1
  From: [email protected]~20.04 > babeltrace/[email protected] > glib2.0/[email protected]~ubuntu20.04.4 > pcre3/libpcre3@2:8.39-12build1
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in pcre3/libpcre3
  Description: Out-of-bounds Read
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-PCRE3-581164
  Introduced through: pcre3/libpcre3@2:8.39-12build1, [email protected], [email protected]~20.04
  From: pcre3/libpcre3@2:8.39-12build1
  From: [email protected] > pcre3/libpcre3@2:8.39-12build1
  From: [email protected]~20.04 > babeltrace/[email protected] > glib2.0/[email protected]~ubuntu20.04.4 > pcre3/libpcre3@2:8.39-12build1
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in pcre3/libpcre3
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-PCRE3-583594
  Introduced through: pcre3/libpcre3@2:8.39-12build1, [email protected], [email protected]~20.04
  From: pcre3/libpcre3@2:8.39-12build1
  From: [email protected] > pcre3/libpcre3@2:8.39-12build1
  From: [email protected]~20.04 > babeltrace/[email protected] > glib2.0/[email protected]~ubuntu20.04.4 > pcre3/libpcre3@2:8.39-12build1
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in libtasn1-6
  Description: Resource Management Errors
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-LIBTASN16-578037
  Introduced through: [email protected], [email protected]
  From: [email protected]
  From: [email protected] > gnutls28/[email protected] > [email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in krb5/libkrb5support0
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-KRB5-579303
  Introduced through: [email protected], krb5/[email protected]
  From: [email protected] > curl/[email protected] > krb5/[email protected] > krb5/[email protected]
  From: [email protected] > curl/[email protected] > krb5/[email protected] > krb5/[email protected] > krb5/[email protected]
  From: [email protected] > curl/[email protected] > krb5/[email protected] > krb5/[email protected] > krb5/[email protected]
  and 6 more...
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in heimdal/libasn1-8-heimdal
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-HEIMDAL-1766738
  Introduced through: [email protected], meta-common-packages@meta
  From: [email protected] > curl/[email protected] > openldap/[email protected]+dfsg-2ubuntu1.8 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1
  From: [email protected] > curl/[email protected] > openldap/[email protected]+dfsg-2ubuntu1.8 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1
  From: [email protected] > curl/[email protected] > openldap/[email protected]+dfsg-2ubuntu1.8 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1
  and 17 more...
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in gmp/libgmp10
  Description: CVE-2021-43618
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GMP-1921284
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > gmp/libgmp10@2:6.2.0+dfsg-4
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Reachable Assertion
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1048386
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Loop with Unreachable Exit Condition ('Infinite Loop')
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1055780
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Out-of-bounds Read
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1055790
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Reachable Assertion
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1122573
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Double Free
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1123084
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Use After Free
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1297554
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-576349
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in glibc/libc-dev-bin
  Description: Integer Underflow
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-576428
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in gdb
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GDB-583073
  Introduced through: [email protected]~20.04, gdb/[email protected]~20.04
  From: [email protected]~20.04
  From: gdb/[email protected]~20.04
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Low severity vulnerability found in flac/libflac8
  Description: Out-of-bounds Read
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-FLAC-1053005
  Introduced through: libsdl2/[email protected]+dfsg1-3
  From: libsdl2/[email protected]+dfsg1-3 > pulseaudio/libpulse0@1:13.99.1-1ubuntu3.12 > libsndfile/[email protected] > flac/[email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in dbus/libdbus-1-3
  Description: Use After Free
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-DBUS-1131328
  Introduced through: [email protected], libsdl2/[email protected]+dfsg1-3
  From: [email protected] > dbus/[email protected]
  From: libsdl2/[email protected]+dfsg1-3 > pulseaudio/libpulse0@1:13.99.1-1ubuntu3.12 > dbus/[email protected]
  From: [email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in coreutils
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-COREUTILS-583876
  Introduced through: [email protected]
  From: [email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in binutils/binutils-common
  Description: Allocation of Resources Without Limits or Throttling
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-BINUTILS-583560
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected] > binutils/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected] > binutils/[email protected]
  and 7 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in binutils/binutils-common
  Description: Improper Input Validation
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-BINUTILS-584269
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected] > binutils/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected] > binutils/[email protected]
  and 7 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in binutils/binutils-common
  Description: Missing Release of Resource after Effective Lifetime
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-BINUTILS-842774
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected] > binutils/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04 > [email protected] > binutils/[email protected] > binutils/[email protected]
  and 7 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Low severity vulnerability found in bash
  Description: Improper Check for Dropped Privileges
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-BASH-581100
  Introduced through: [email protected]
  From: [email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Medium severity vulnerability found in wget
  Description: Open Redirect
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-WGET-1278730
  Introduced through: [email protected]
  From: [email protected]
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Medium severity vulnerability found in sqlite3/libsqlite3-0
  Description: Out-of-bounds Read
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-SQLITE3-581593
  Introduced through: [email protected]~20.04, [email protected]
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1 > sqlite3/[email protected]
  From: [email protected] > curl/[email protected] > openldap/[email protected]+dfsg-2ubuntu1.8 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > heimdal/[email protected]+dfsg-1ubuntu1 > sqlite3/[email protected]
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Medium severity vulnerability found in python3.8/libpython3.8-minimal
  Description: CVE-2021-3737
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-PYTHON38-1932959
  Introduced through: [email protected]~20.04
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1 > python3.8/[email protected]~20.04.1
  From: [email protected]~20.04 > python3.8/[email protected]~20.04.1
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Medium severity vulnerability found in perl/perl-base
  Description: CVE-2020-16156
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-PERL-1930907
  Introduced through: meta-common-packages@meta
  From: meta-common-packages@meta > perl/[email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Medium severity vulnerability found in krb5/libkrb5support0
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-KRB5-1533536
  Introduced through: [email protected], krb5/[email protected]
  From: [email protected] > curl/[email protected] > krb5/[email protected] > krb5/[email protected]
  From: [email protected] > curl/[email protected] > krb5/[email protected] > krb5/[email protected] > krb5/[email protected]
  From: [email protected] > curl/[email protected] > krb5/[email protected] > krb5/[email protected] > krb5/[email protected]
  and 6 more...
  Image layer: 'apt-get install -y htop net-tools nano gcc g++ gdb netcat curl wget zip unzip cron sudo gosu dos2unix libsdl2-2.0-0 jq libc6-dev'

✗ Medium severity vulnerability found in icu/libicu66
  Description: Double Free
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-ICU-1729897
  Introduced through: icu/[email protected], [email protected]+dfsg-5ubuntu0.20.04.1
  From: icu/[email protected]
  From: [email protected]+dfsg-5ubuntu0.20.04.1 > icu/[email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)
  Fixed in: 66.1-2ubuntu2.1

✗ Medium severity vulnerability found in glibc/libc-dev-bin
  Description: Integer Overflow or Wraparound
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1315365
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Medium severity vulnerability found in glibc/libc-dev-bin
  Description: NULL Pointer Dereference
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GLIBC-1564900
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, glibc/[email protected], glibc/[email protected], glibc/[email protected], glibc/[email protected], meta-common-packages@meta
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected] > glibc/[email protected]
  From: glibc/[email protected]
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > gcc-9/[email protected]~20.04 > glibc/[email protected]
  and 5 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Medium severity vulnerability found in gcc-defaults/cpp
  Description: Information Exposure
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GCCDEFAULTS-584255
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2, gcc-defaults/gcc@4:9.3.0-1ubuntu2
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/cpp@4:9.3.0-1ubuntu2
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > gcc-defaults/cpp@4:9.3.0-1ubuntu2
  From: gcc-defaults/gcc@4:9.3.0-1ubuntu2
  and 2 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Medium severity vulnerability found in gcc-9
  Description: Information Exposure
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-GCC9-584247
  Introduced through: gcc-defaults/g++@4:9.3.0-1ubuntu2
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > [email protected]~20.04
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-9/[email protected]~20.04 > [email protected]~20.04
  From: gcc-defaults/g++@4:9.3.0-1ubuntu2 > gcc-defaults/gcc@4:9.3.0-1ubuntu2 > [email protected]~20.04
  and 13 more...
  Image layer: Introduced by your base image (ubuntu:20.04)

✗ Medium severity vulnerability found in apparmor/libapparmor1
  Description: Security Features
  Info: https://snyk.io/vuln/SNYK-UBUNTU2004-APPARMOR-583685
  Introduced through: [email protected], libsdl2/[email protected]+dfsg1-3
  From: [email protected] > apparmor/[email protected]
  From: libsdl2/[email protected]+dfsg1-3 > pulseaudio/libpulse0@1:13.99.1-1ubuntu3.12 > apparmor/[email protected]
  Image layer: Introduced by your base image (ubuntu:20.04)



Package manager:   deb
Project name:      docker-image|mbround18/valheim
Docker image:      mbround18/valheim
Platform:          linux/amd64
Base image:        ubuntu:20.04

Tested 237 dependencies for known vulnerabilities, found 40 vulnerabilities.

Base Image    Vulnerabilities  Severity
ubuntu:20.04  19               0 critical, 0 high, 3 medium, 16 low

Recommendations for base image upgrade:

Major upgrades
Base Image              Vulnerabilities  Severity
ubuntu:impish-20211102  13               0 critical, 0 high, 2 medium, 11 low

So.. upgrade using software as You Can. Probably using other base image resolve most of them. Thx :)

mbround18 · 2021-12-24T03:22:42Z

mbround18
Dec 24, 2021
Maintainer

@TheoMarque thank you for pointing this out, none of the services or systems use java & the tooling we use is written in Rust. If you feel like the rust coding is vulnerable or the underlying image is exposing something it shouldnt, could you send an article?

Log4j (CVE-2021-44228) RCE Vulnerability Explained
https://youtu.be/0-abhd-CLwQ

Log4J & JNDI Exploit: Why So Bad? - Computerphile
https://www.youtube.com/watch?v=Opqgwn8TdlM

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security issues #500

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Select a reply

Security issues #500

TheoMarque Dec 16, 2021

Replies: 1 comment

mbround18 Dec 24, 2021 Maintainer

TheoMarque
Dec 16, 2021

mbround18
Dec 24, 2021
Maintainer