Closed pablocoberly closed 3 years ago
Hi,
Trivy has alerted us about a critical vulnerability: CVE-2020-29362 in openjdk:11.0.9.1-jre-slim-buster
See https://nvd.nist.gov/vuln/detail/CVE-2020-29362 and https://security-tracker.debian.org/tracker/CVE-2020-29362.
+-----------------+------------------+----------+-------------------+-------------------+---------------------------------------+ | LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE | +-----------------+------------------+----------+-------------------+-------------------+---------------------------------------+ | libp11-kit0 | CVE-2020-29362 | CRITICAL | 0.23.15-2 | 0.23.15-2+deb10u1 | p11-kit: out-of-bounds read in | | | | | | | p11_rpc_buffer_get_byte_array | | | | | | | function in rpc-message.c | | | | | | | -->avd.aquasec.com/nvd/cve-2020-29362 | +-----------------+ + + + + + | p11-kit | | | | | | | | | | | | | | | | | | | | | | | | | | | +-----------------+ + + + + + | p11-kit-modules | | | | | | | | | | | | | | | | | | | | | | | | | | | +-----------------+------------------+----------+-------------------+-------------------+---------------------------------------+```
This is really https://github.com/debuerreotype/docker-debian-artifacts/issues/111, so I'm closing in favor of it. Thanks! :+1:
Hi,
Trivy has alerted us about a critical vulnerability: CVE-2020-29362 in openjdk:11.0.9.1-jre-slim-buster
See https://nvd.nist.gov/vuln/detail/CVE-2020-29362 and https://security-tracker.debian.org/tracker/CVE-2020-29362.