Vulnerabilities

 19 via 25 paths

Dependencies

 29

Source

 Group 6 Copy Created with Sketch. Docker

Target OS

 alpine:3.8.2
Test your Docker Hub image against our market leading vulnerability database Sign up for free
Severity
  • 9
  • 10
Status
  • 19
  • 0
  • 0

critical severity

Buffer Overflow

  • Vulnerable module: curl/curl
  • Introduced through: curl/curl@7.61.1-r1 and curl/libcurl@7.61.1-r1
  • Fixed in: 7.61.1-r3

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/curl@7.61.1-r1
  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/libcurl@7.61.1-r1

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

Remediation

Upgrade Alpine:3.8 curl to version 7.61.1-r3 or higher.

References

Buffer Overflow vulnerability report

critical severity

Double Free

  • Vulnerable module: curl/curl
  • Introduced through: curl/curl@7.61.1-r1 and curl/libcurl@7.61.1-r1
  • Fixed in: 7.61.1-r3

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/curl@7.61.1-r1
  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/libcurl@7.61.1-r1

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

Remediation

Upgrade Alpine:3.8 curl to version 7.61.1-r3 or higher.

References

Double Free vulnerability report

critical severity

Out-of-bounds Write

  • Vulnerable module: curl/curl
  • Introduced through: curl/curl@7.61.1-r1 and curl/libcurl@7.61.1-r1
  • Fixed in: 7.61.1-r2

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/curl@7.61.1-r1
  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/libcurl@7.61.1-r1

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.

Remediation

Upgrade Alpine:3.8 curl to version 7.61.1-r2 or higher.

References

Out-of-bounds Write vulnerability report

critical severity

Out-of-bounds Write

  • Vulnerable module: musl/musl
  • Introduced through: musl/musl@1.1.19-r10 and musl/musl-utils@1.1.19-r10
  • Fixed in: 1.1.19-r11

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 musl/musl@1.1.19-r10
  • Introduced through: php@5.6.40-fpm-alpine3.8 musl/musl-utils@1.1.19-r10

NVD Description

Note: Versions mentioned in the description apply only to the upstream musl package and not the musl package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.

Remediation

Upgrade Alpine:3.8 musl to version 1.1.19-r11 or higher.

References

Out-of-bounds Write vulnerability report

critical severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Read vulnerability report

critical severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Read vulnerability report

critical severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Read vulnerability report

critical severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Read vulnerability report

critical severity

Out-of-bounds Read

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Read vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Write vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Write vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Write vulnerability report

high severity

Out-of-bounds Write

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.8.1-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.8.1-r0 or higher.

References

Out-of-bounds Write vulnerability report

high severity

Integer Overflow or Wraparound

  • Vulnerable module: libssh2/libssh2
  • Introduced through: libssh2/libssh2@1.8.0-r3
  • Fixed in: 1.9.0-r1

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libssh2/libssh2@1.8.0-r3

NVD Description

Note: Versions mentioned in the description apply only to the upstream libssh2 package and not the libssh2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

The SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

Remediation

Upgrade Alpine:3.8 libssh2 to version 1.9.0-r1 or higher.

References

Integer Overflow or Wraparound vulnerability report

high severity

Out-of-bounds Read

  • Vulnerable module: curl/curl
  • Introduced through: curl/curl@7.61.1-r1 and curl/libcurl@7.61.1-r1
  • Fixed in: 7.61.1-r2

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/curl@7.61.1-r1
  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/libcurl@7.61.1-r1

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to smtp_endofresp() isn't NUL terminated and contains no character ending the parsed number, and len is set to 5, then the strtol() call reads beyond the allocated buffer. The read contents will not be returned to the caller.

Remediation

Upgrade Alpine:3.8 curl to version 7.61.1-r2 or higher.

References

Out-of-bounds Read vulnerability report

high severity

Out-of-bounds Read

  • Vulnerable module: curl/curl
  • Introduced through: curl/curl@7.61.1-r1 and curl/libcurl@7.61.1-r1
  • Fixed in: 7.61.1-r2

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/curl@7.61.1-r1
  • Introduced through: php@5.6.40-fpm-alpine3.8 curl/libcurl@7.61.1-r1

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (lib/vauth/ntlm.c:ntlm_decode_type2_target) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

Remediation

Upgrade Alpine:3.8 curl to version 7.61.1-r2 or higher.

References

Out-of-bounds Read vulnerability report

high severity

Missing Release of Resource after Effective Lifetime

  • Vulnerable module: libxml2/libxml2
  • Introduced through: libxml2/libxml2@2.9.8-r1
  • Fixed in: 2.9.8-r2

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 libxml2/libxml2@2.9.8-r1

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.

Remediation

Upgrade Alpine:3.8 libxml2 to version 2.9.8-r2 or higher.

References

Missing Release of Resource after Effective Lifetime vulnerability report

high severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: nghttp2/nghttp2-libs
  • Introduced through: nghttp2/nghttp2-libs@1.32.0-r0
  • Fixed in: 1.39.2-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 nghttp2/nghttp2-libs@1.32.0-r0

NVD Description

Note: Versions mentioned in the description apply only to the upstream nghttp2 package and not the nghttp2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

Remediation

Upgrade Alpine:3.8 nghttp2 to version 1.39.2-r0 or higher.

References

Allocation of Resources Without Limits or Throttling vulnerability report

high severity

Resource Exhaustion

  • Vulnerable module: nghttp2/nghttp2-libs
  • Introduced through: nghttp2/nghttp2-libs@1.32.0-r0
  • Fixed in: 1.39.2-r0

Detailed paths

  • Introduced through: php@5.6.40-fpm-alpine3.8 nghttp2/nghttp2-libs@1.32.0-r0

NVD Description

Note: Versions mentioned in the description apply only to the upstream nghttp2 package and not the nghttp2 package as distributed by Alpine. See How to fix? for Alpine:3.8 relevant fixed versions and status.

Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.

Remediation

Upgrade Alpine:3.8 nghttp2 to version 1.39.2-r0 or higher.

References

Resource Exhaustion vulnerability report