Findings for Container Security, Low, [TheRedHatter/javagoof:Dockerfile]:Missing Release of Resource after Effective Lifetime

armorcodegithubpreprod[bot] commented 5 months ago

Component Details

Exploit Maturity: no-known-exploit
Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >*
- Vulnerable Path: >null
  NVD Description
  
  Note: Versions mentioned in the description apply to the upstream systemd package.

An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active

Component Details

Exploit Maturity: no-known-exploit
Vulnerable Package: -
- Current Version: -
- Vulnerable Version(s): >*
- Vulnerable Path: >null
  NVD Description
  
  Note: Versions mentioned in the description apply to the upstream tiff package.

DISPUTED LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue.

References

Origin : null Type : null Image Id : null

Snyk Project Status: Active

armorcodegithubpreprod[bot] commented 5 months ago

Finding [47833376|https://preprod.armorcode.ai/#/findings/257/1167/47833376], [47833389|https://preprod.armorcode.ai/#/findings/257/1167/47833389] are Mitigated
by SYSTEM via ArmorCode Platform

armorcodegithubpreprod[bot] commented 5 months ago

Finding [47833389|https://preprod.armorcode.ai/#/findings/257/1167/47833389] , [47833376|https://preprod.armorcode.ai/#/findings/257/1167/47833376] status changed to Confirmed Note:
by SYSTEM via ArmorCode Platform

teerth04 / ticket