Closed jefftyn closed 1 year ago
Describe the bug
Hi team,
In our trivy scan report there are several CRITICAL vulnerabilities in the latest image fluentd-kubernetes-daemonset:v1.15.2-debian-opensearch-1.0.
Library | Vulnerability | Severity | Installed Version | Title
-- | -- | -- | -- | --
e2fsprogs | CVE-2022-1304 | HIGH | 1.46.2-2 | e2fsprogs: out-of-bounds read/write via crafted filesystem https://avd.aquasec.com/nvd/cve-2022-130
libc-bin | CVE-2021-3999 | HIGH | 2.31-13+deb11u3 | glibc: Off-by-one buffer overflow/underflow in getcwd() https://avd.aquasec.com/nvd/cve-2021-3999
libc6 | CVE-2021-3999 | HIGH | 2.31-13+deb11u4 | glibc: Off-by-one buffer overflow/underflow in getcwd() https://avd.aquasec.com/nvd/cve-2021-3999
libcom-err2 | CVE-2022-1304 | HIGH | 1.46.2-2 | e2fsprogs: out-of-bounds read/write via crafted filesystem https://avd.aquasec.com/nvd/cve-2022-1304
libdb5.3 | CVE-2019-8457 | CRITICAL | 5.3.28+dfsg1-0.8 | sqlite: heap out-of-bound read in function rtreenode() https://avd.aquasec.com/nvd/cve-2019-8457
libext2fs2 | CVE-2022-1304 | HIGH | 1.46.2-2 | e2fsprogs: out-of-bounds read/write via crafted filesystem https://avd.aquasec.com/nvd/cve-2022-1304
libncurses6 | CVE-2022-29458 | HIGH | 6.2+20201114-2 | ncurses: segfaulting OOB read https://avd.aquasec.com/nvd/cve-2022-29458
libpcre2-8-0 | CVE-2022-1586 | CRITICAL | 10.36-2 | pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c https://avd.aquasec.com/nvd/cve-2022-1586
libtasn1-6 | CVE-2021-46848 | CRITICAL | 4.16.0-2 | GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check ...... https://avd.aquasec.com/nvd/cve-2021-46848
linux-libc-dev | CVE-2022-3649 | CRITICAL | 5.10.136-1 | A vulnerability was found in Linux Kernel. It has been classified as... https://avd.aquasec.com/nvd/cve-2022-3649
zlib1g | CVE-2022-37434 | CRITICAL | 1:1.2.11.dfsg-2+deb11u1 | zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a... https://avd.aquasec.com/nvd/cve-2022-37434
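A table like the one above mixes two very different kinds of finding: CVEs for which Debian has already shipped a fixed package (a rebuild of the image with `apt-get upgrade` removes them) and CVEs with no distro fix yet (only a base-image change or a vendor-reported "no-dsa" decision can clear them). It also lists the same CVE once per binary package, so one source package such as e2fsprogs shows up three times. The script below is an added example, not code from the issue or from the fluentd-kubernetes-daemonset project: it reads the JSON that `trivy image --format json` emits (field names `Results[].Vulnerabilities[].VulnerabilityID/PkgName/InstalledVersion/FixedVersion/Severity/Title`, as assumed from Trivy's JSON report format), keeps HIGH and above, groups rows by CVE, and splits them into fixable and unfixed. The embedded report is constructed for the example; the `FixedVersion` values in it are illustrative placeholders, not a statement of what Debian actually shipped for these CVEs.

```python
"""Triage a Trivy JSON image scan: group findings by CVE and separate the
ones a plain rebuild would remove (a FixedVersion exists for every affected
package) from the ones with no distro fix yet."""
import json
from collections import OrderedDict

SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample in the shape of `trivy image --format json ...` output.
# Field names follow Trivy's JSON report (Results[].Vulnerabilities[]).
# FixedVersion values are illustrative placeholders, not real Debian data.
SAMPLE_REPORT = json.dumps({
    "Results": [{
        "Target": "fluent/fluentd-kubernetes-daemonset:v1.15.2-debian-opensearch-1.0 (debian 11.5)",
        "Class": "os-pkgs",
        "Type": "debian",
        "Vulnerabilities": [
            {"VulnerabilityID": "CVE-2022-37434", "PkgName": "zlib1g",
             "InstalledVersion": "1:1.2.11.dfsg-2+deb11u1",
             "FixedVersion": "1:1.2.11.dfsg-2+deb11u2", "Severity": "CRITICAL",
             "Title": "zlib: heap-based buffer over-read and overflow in inflate()"},
            {"VulnerabilityID": "CVE-2019-8457", "PkgName": "libdb5.3",
             "InstalledVersion": "5.3.28+dfsg1-0.8", "Severity": "CRITICAL",
             "Title": "sqlite: heap out-of-bound read in function rtreenode()"},
            {"VulnerabilityID": "CVE-2022-1304", "PkgName": "e2fsprogs",
             "InstalledVersion": "1.46.2-2", "FixedVersion": "1.46.2-2+deb11u1",
             "Severity": "HIGH",
             "Title": "e2fsprogs: out-of-bounds read/write via crafted filesystem"},
            {"VulnerabilityID": "CVE-2022-1304", "PkgName": "libext2fs2",
             "InstalledVersion": "1.46.2-2", "FixedVersion": "1.46.2-2+deb11u1",
             "Severity": "HIGH",
             "Title": "e2fsprogs: out-of-bounds read/write via crafted filesystem"},
            {"VulnerabilityID": "CVE-2021-3999", "PkgName": "libc6",
             "InstalledVersion": "2.31-13+deb11u4", "Severity": "HIGH",
             "Title": "glibc: Off-by-one buffer overflow/underflow in getcwd()"},
            {"VulnerabilityID": "CVE-0000-0000", "PkgName": "libexample",
             "InstalledVersion": "1.0-1", "Severity": "LOW",
             "Title": "placeholder low-severity finding, filtered out by default"},
        ],
    }],
})


def load_findings(report_json, min_severity="HIGH"):
    """Flatten every Results[].Vulnerabilities[] entry at or above min_severity."""
    report = json.loads(report_json)
    threshold = SEVERITY_RANK[min_severity]
    findings = []
    for result in report.get("Results", []):
        for v in result.get("Vulnerabilities") or []:
            if SEVERITY_RANK.get(v.get("Severity", "UNKNOWN"), 0) < threshold:
                continue
            findings.append({
                "cve": v["VulnerabilityID"],
                "pkg": v["PkgName"],
                "installed": v.get("InstalledVersion", ""),
                "fixed": v.get("FixedVersion", ""),  # empty or absent: no distro fix yet
                "severity": v["Severity"],
                "title": v.get("Title", ""),
                "target": result.get("Target", ""),
            })
    return findings


def group_by_cve(findings):
    """One entry per CVE listing every binary package it was reported against.
    A CVE counts as fixable only if every affected package has a FixedVersion,
    so a rebuild (apt-get upgrade) clears it without Dockerfile changes."""
    groups = OrderedDict()
    for f in findings:
        g = groups.setdefault(f["cve"], {"severity": f["severity"],
                                         "title": f["title"],
                                         "packages": [], "fixable": True})
        g["packages"].append(f["pkg"])
        if not f["fixed"]:
            g["fixable"] = False
    for g in groups.values():
        g["packages"].sort()
    return groups


def triage(report_json, min_severity="HIGH"):
    """Return (fixable_cves, unfixed_cves), each sorted worst severity first."""
    groups = group_by_cve(load_findings(report_json, min_severity))

    def order(cve):
        return (-SEVERITY_RANK[groups[cve]["severity"]], cve)

    fixable = sorted((c for c, g in groups.items() if g["fixable"]), key=order)
    unfixed = sorted((c for c, g in groups.items() if not g["fixable"]), key=order)
    return fixable, unfixed


def render_markdown(report_json, min_severity="HIGH"):
    """Markdown table in the same style as the one pasted into the issue."""
    groups = group_by_cve(load_findings(report_json, min_severity))
    lines = ["Vulnerability | Severity | Packages | Fix available | Title",
             "-- | -- | -- | -- | --"]
    for cve, g in groups.items():
        lines.append(f"{cve} | {g['severity']} | {', '.join(g['packages'])} | "
                     f"{'yes' if g['fixable'] else 'no'} | {g['title']}")
    return "\n".join(lines)


if __name__ == "__main__":
    fixable, unfixed = triage(SAMPLE_REPORT)
    print("Fixable by rebuilding the image:", fixable)
    print("No distro fix yet (hidden by --ignore-unfixed):", unfixed)
    print(render_markdown(SAMPLE_REPORT))
```

To run it against a real scan, replace `SAMPLE_REPORT` with the output of `trivy image --format json --severity HIGH,CRITICAL <image>`. The "unfixed" list is exactly what `trivy image --ignore-unfixed` suppresses; keeping both lists visible makes it clear which findings the image maintainers can act on by rebuilding and which are waiting on the distribution.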