Docker centos:7.9.2009

Vulnerabilities

 6 via 6 paths

Dependencies

 148

Source

 Group 6 Copy Created with Sketch. Docker

Target OS

 centos:7
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 1
  • 5
Status
  • 6
  • 0
  • 0

high severity

RHSA-2020:5566

  • Vulnerable module: openssl-libs
  • Introduced through: openssl-libs@1:1.0.2k-19.el7
  • Fixed in: 1:1.0.2k-21.el7_9

Detailed paths

  • Introduced through: centos:7.9.2009@* openssl-libs@1:1.0.2k-19.el7

Overview

Affected versions of this package are vulnerable to RHSA-2020:5566. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade openssl-libs to version or higher.

References

RHSA-2020:5566 vulnerability report

medium severity

RHSA-2020:5011

  • Vulnerable module: bind-license
  • Introduced through: bind-license@32:9.11.4-26.P2.el7
  • Fixed in: 32:9.11.4-26.P2.el7_9.2

Detailed paths

  • Introduced through: centos:7.9.2009@* bind-license@32:9.11.4-26.P2.el7

Overview

Affected versions of this package are vulnerable to RHSA-2020:5011. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622) * bind: remotely triggerable assertion failure in pk11.c (CVE-2020-8623) * bind: incorrect enforcement of update-policy rules of type "subdomain" (CVE-2020-8624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * BIND stops DNSKEY lookup in get_dst_key() when a key with unsupported algorithm is found first [RHEL7] (BZ#1884530)

Remediation

Upgrade bind-license to version or higher.

References

RHSA-2020:5011 vulnerability report

medium severity

RHSA-2020:5002

  • Vulnerable module: curl
  • Introduced through: curl@7.29.0-59.el7
  • Fixed in: 0:7.29.0-59.el7_9.1

Detailed paths

  • Introduced through: centos:7.9.2009@* curl@7.29.0-59.el7

Overview

Affected versions of this package are vulnerable to RHSA-2020:5002. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade curl to version or higher.

References

RHSA-2020:5002 vulnerability report

medium severity

RHSA-2020:5002

  • Vulnerable module: libcurl
  • Introduced through: libcurl@7.29.0-59.el7
  • Fixed in: 0:7.29.0-59.el7_9.1

Detailed paths

  • Introduced through: centos:7.9.2009@* libcurl@7.29.0-59.el7

Overview

Affected versions of this package are vulnerable to RHSA-2020:5002. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Incorrect argument check can allow remote servers to overwrite local files (CVE-2020-8177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade libcurl to version or higher.

References

RHSA-2020:5002 vulnerability report

medium severity

RHSA-2020:5009

  • Vulnerable module: python
  • Introduced through: python@2.7.5-89.el7
  • Fixed in: 0:2.7.5-90.el7

Detailed paths

  • Introduced through: centos:7.9.2009@* python@2.7.5-89.el7

Overview

Affected versions of this package are vulnerable to RHSA-2020:5009. Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade python to version or higher.

References

RHSA-2020:5009 vulnerability report

medium severity

RHSA-2020:5009

  • Vulnerable module: python-libs
  • Introduced through: python-libs@2.7.5-89.el7
  • Fixed in: 0:2.7.5-90.el7

Detailed paths

  • Introduced through: centos:7.9.2009@* python-libs@2.7.5-89.el7

Overview

Affected versions of this package are vulnerable to RHSA-2020:5009. Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade python-libs to version or higher.

References

RHSA-2020:5009 vulnerability report