Findings for Container Security, Medium, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Integer Overflow or Wraparound

[armorcodegithubpreprod[bot]]

Findings for Container Security, Medium, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Integer Overflow or Wraparound

Component Details

• Exploit Maturity: no-known-exploit
• Vulnerable Package: -
  • Current Version: -
  • Vulnerable Version(s): >*
  • Vulnerable Path: >null

    NVD Description

    Note: Versions mentioned in the description apply to the upstream openjpeg2 package.

Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

References

• ADVISORY
• FEDORA
• FEDORA
• MISC

Origin : null Type : null Image Id : null

Snyk Project Status: Active

---

---

Component Details

• Exploit Maturity: no-known-exploit
• Vulnerable Package: -
  • Current Version: -
  • Vulnerable Version(s): >*
  • Vulnerable Path: >null

    NVD Description

    Note: Versions mentioned in the description apply to the upstream openexr package.

An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

References

• ADVISORY
• FEDORA
• MISC

Origin : null Type : null Image Id : null

Snyk Project Status: Active

---

---

[armorcodegithubpreprod[bot]]

Finding [47833591|https://preprod.armorcode.ai/#/findings/257/1167/47833591], [47833588|https://preprod.armorcode.ai/#/findings/257/1167/47833588] are Mitigated
by SYSTEM via ArmorCode Platform