teerth04 / ticket


Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Use After Free #1857

Open armorcodegithubpreprod[bot] opened 6 months ago

armorcodegithubpreprod[bot] commented 6 months ago

Findings for Container Security, Low, [TheRedHatter/javagoof:exploits/tomcat-rce/Dockerfile]:Use After Free

Component Details

In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active



Component Details

The CIL compiler in SELinux 3.2 has a use-after-free in cil_verify_classperms (called from cil_verify_classpermission and __cil_pre_verify_helper).

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active



Component Details

In BlueZ 5.42, a use-after-free was identified in the "conf_opt" function in the "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in an hcidump crash.

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active



Component Details

DISPUTED In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue.

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active



Component Details

The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active



Component Details

The CIL compiler in SELinux 3.2 has a use-after-free in cil_verify_classperms (called from verify_map_perm_classperms and hashtab_map).

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active



Component Details

GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active



armorcodegithubpreprod[bot] commented 6 months ago

Finding [47833618|https://preprod.armorcode.ai/#/findings/257/1167/47833618], [47833684|https://preprod.armorcode.ai/#/findings/257/1167/47833684], [47833683|https://preprod.armorcode.ai/#/findings/257/1167/47833683], [47833686|https://preprod.armorcode.ai/#/findings/257/1167/47833686], [47833741|https://preprod.armorcode.ai/#/findings/257/1167/47833741], [47833731|https://preprod.armorcode.ai/#/findings/257/1167/47833731], [47833737|https://preprod.armorcode.ai/#/findings/257/1167/47833737] are Mitigated
by SYSTEM via ArmorCode Platform

armorcodegithubpreprod[bot] commented 6 months ago

Finding [47833737|https://preprod.armorcode.ai/#/findings/257/1167/47833737], [47833684|https://preprod.armorcode.ai/#/findings/257/1167/47833684], [47833731|https://preprod.armorcode.ai/#/findings/257/1167/47833731], [47833741|https://preprod.armorcode.ai/#/findings/257/1167/47833741], [47833683|https://preprod.armorcode.ai/#/findings/257/1167/47833683], [47833618|https://preprod.armorcode.ai/#/findings/257/1167/47833618], [47833686|https://preprod.armorcode.ai/#/findings/257/1167/47833686] status changed to Confirmed Note:
by SYSTEM via ArmorCode Platform