Vulnerabilities

1 via 2 paths

Dependencies

14

Source

Group 6 Copy Created with Sketch. Docker

Target OS

alpine:3.8.2
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 1
Status
  • 1
  • 0
  • 0

critical severity

Out-of-bounds Write

  • Vulnerable module: musl/musl
  • Introduced through: musl/musl@1.1.19-r10 and musl/musl-utils@1.1.19-r10
  • Fixed in: 1.1.19-r11

Detailed paths

  • Introduced through: golang@1.10.8-alpine3.8 musl/musl@1.1.19-r10
  • Introduced through: golang@1.10.8-alpine3.8 musl/musl-utils@1.1.19-r10

NVD Description

Note: Versions mentioned in the description apply only to the upstream musl package and not the musl package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.

Remediation

Upgrade Alpine:3.8 musl to version 1.1.19-r11 or higher.

References