Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Use of Externally-Controlled Format String

[armorcodegithubpreprod[bot]]

Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Use of Externally-Controlled Format String

Component Details

• Exploit Maturity: no-known-exploit
• Vulnerable Package: -
  • Current Version: -
  • Vulnerable Version(s): >*
  • Vulnerable Path: >null

    NVD Description

    Note: Versions mentioned in the description apply to the upstream tcl8.6 package.

DISPUTED In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding.

References

• ADVISORY
• MISC
• MISC
• MISC
• MISC

Origin : null Type : null Image Id : null

Snyk Project Status: Active

---

---

[armorcodegithubpreprod[bot]]

Finding [47833622|https://preprod.armorcode.ai/#/findings/257/1167/47833622] is Mitigated
by SYSTEM via ArmorCode Platform