test: Add an extra test for membership repository.

[maleficarum]

Check that the repository returns a populated collection of memberships

[github-actions]

Your image	maleficarum/eversports:c1eaa5e935d2f8faf14b0a622ccc9816b6484d0f
Current base image	node:23.11.0
Updated base image	node:23.11.1-slim

[github-actions]

🔍 Vulnerabilities of maleficarum/eversports:c1eaa5e935d2f8faf14b0a622ccc9816b6484d0f

📦 Image Reference maleficarum/eversports:c1eaa5e935d2f8faf14b0a622ccc9816b6484d0f

digest	sha256:aa3ed481998ede38747e1c55dab7f78add28622db1c351656659535323a9fd0d
vulnerabilities
platform	linux/amd64
size	506 MB
packages	1337

📦 Base Image node:23

also known as	23-bookworm 23.11 23.11-bookworm 23.11.0 23.11.0-bookworm bookworm current current-bookworm latest
digest	sha256:de2d8c00f6b1938eefdf575b5c1efa314a48dd8842a5983ec275cb11e8e6685c
vulnerabilities

glibc 2.36-9+deb12u10 (deb) pkg:deb/debian/[email protected]%2Bdeb12u10?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 0.044% EPSS Percentile 13th percentile Description Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo). glibc 2.39-4 [bookworm] - glibc (Minor issue) Introduced with: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=10e93d968716ab82931d593bada121c17c0a4b93 (glibc-2.27) Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5451fa962cd0a90a0e2ec1d8910a559ace02bba0 (glibc-2.39) https://sourceware.org/bugzilla/show_bug.cgi?id=32976 https://www.openwall.com/lists/oss-security/2025/05/17/2 Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 0.164% EPSS Percentile 38th percentile Description In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern glibc (unimportant) eglibc (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=24269 Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 0.235% EPSS Percentile 47th percentile Description GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22853 Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 0.375% EPSS Percentile 58th percentile Description GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22852 Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 0.393% EPSS Percentile 59th percentile Description GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22851 Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 0.226% EPSS Percentile 46th percentile Description GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat. glibc (unimportant) Not treated as a security issue by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22850 Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 1.996% EPSS Percentile 83rd percentile Description In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep. glibc (unimportant) eglibc (unimportant) https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions Affected range >=2.36-9+deb12u10 Fixed version Not Fixed EPSS Score 0.373% EPSS Percentile 58th percentile Description The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. glibc (unimportant) eglibc (unimportant) That's standard POSIX behaviour implemented by (e)glibc. Applications using glob need to impose limits for themselves

libxml2 2.9.14+dfsg-1.3~deb12u1 (deb) pkg:deb/debian/[email protected]%2Bdfsg-1.3~deb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.9.14+dfsg-1.3~deb12u1 Fixed version Not Fixed EPSS Score 0.023% EPSS Percentile 5th percentile Description xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. [experimental] - libxml2 2.12.3+dfsg-0exp1 libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238) Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b (v2.11.0) UAF DOM\XMLDocument xinclude php/php-src#17467 Affected range >=2.9.14+dfsg-1.3~deb12u1 Fixed version Not Fixed EPSS Score 0.007% EPSS Percentile 0th percentile Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321) https://gitlab.gnome.org/GNOME/libxml2/-/issues/847 https://www.openwall.com/lists/oss-security/2025/02/18/2 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8c8753ad5280ee13aee5eec9b0f6eee2ed920f57 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/858ca26c0689161a6b903a6682cc8a1cc10a0ea8 (v2.12.10) Affected range >=2.9.14+dfsg-1.3~deb12u1 Fixed version Not Fixed EPSS Score 0.007% EPSS Percentile 0th percentile Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320) https://gitlab.gnome.org/GNOME/libxml2/-/issues/828 https://www.openwall.com/lists/oss-security/2025/02/18/2 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5880a9a6bd97c0f9ac8fc4f30110fe023f484746 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/245b70d7d2768572ae1b05b3668ca858b9ec4ed4 (v2.12.10) Affected range >=2.9.14+dfsg-1.3~deb12u1 Fixed version Not Fixed EPSS Score 0.019% EPSS Percentile 3rd percentile Description In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. libxml2 2.12.7+dfsg+really2.9.14-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511) https://gitlab.gnome.org/GNOME/libxml2/-/issues/890 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/487ee1d8711c6415218b373ef455fcd969d12399 (master) Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ac33b1c821b4e67326e8e416945b31c9537c7c0 (v2.14.2) Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/384cc7c182fc00c6d5e2ab4b5e3671b2e3f93c84 (v2.13.8) Affected range >=2.9.14+dfsg-1.3~deb12u1 Fixed version Not Fixed EPSS Score 0.050% EPSS Percentile 15th percentile Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. libxml2 2.12.7+dfsg+really2.9.14-0.4 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322) https://gitlab.gnome.org/GNOME/libxml2/-/issues/861 https://www.openwall.com/lists/oss-security/2025/02/18/2 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c716d491dd2e67f08066f4dc0619efeb49e43e6 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/503f788e84f1c1f1d769c2c7258d77faee94b5a3 (v2.12.10) Affected range >=2.9.14+dfsg-1.3~deb12u1 Fixed version Not Fixed EPSS Score 0.139% EPSS Percentile 35th percentile Description An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. libxml2 2.12.7+dfsg+really2.9.14-0.4 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162) https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ddc7f13337c9fe7c6b6e616f404b0fffb8a5145 (v2.11.8) Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac5392a4e891b81e40e592c3ac6cb46016ce (v2.12.7) Crash in CLI tool, no security impact

libwmf 0.2.12-5.1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=0.2.12-5.1 Fixed version Not Fixed EPSS Score 3.046% EPSS Percentile 86th percentile Description The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. libwmf (unimportant) racket 5.0.2-1 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601525) Only present in one of the sample pl-scheme packages (plot) libgd2 2.0.36rc1dfsg-3.1 (medium; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552534) php5 (the php packages use the system libgd2) http://svn.php.net/viewvc?view=revision&revision=289557 [email protected] in OSS-sec Affected range >=0.2.12-5.1 Fixed version Not Fixed EPSS Score 6.959% EPSS Percentile 91st percentile Description Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function. libgd2 2.0.35.dfsg-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=443456; medium) libwmf (unimportant) racket 5.0.2-1 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601525) Only present in one of the sample pl-scheme packages (plot) Debian's PHP packages are linked dynamically against libgd see http://www.php.net/releases/5_2_4.php Affected range >=0.2.12-5.1 Fixed version Not Fixed EPSS Score 6.743% EPSS Percentile 91st percentile Description The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. libgd2 2.0.35.dfsg-1 (low) libwmf (unimportant) racket 5.0.2-1 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601525) Only present in one of the sample pl-scheme packages (plot) CPU consumption DoS Affected range >=0.2.12-5.1 Fixed version Not Fixed EPSS Score 5.183% EPSS Percentile 89th percentile Description Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. libgd2 2.0.35.dfsg-1 (low) libwmf (unimportant) racket 5.0.2-1 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601525) Only present in one of the sample pl-scheme packages (plot) can write a 0 to a 4k window in heap, very unlikely to be controllable.

shadow 1:4.13+dfsg1-1 (deb) pkg:deb/debian/shadow@1%3A4.13%2Bdfsg1-1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <1:4.13+dfsg1-1+deb12u1 Fixed version 1:4.13+dfsg1-1+deb12u1 EPSS Score 0.016% EPSS Percentile 2nd percentile Description A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. shadow 1:4.13+dfsg1-2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051062) [bookworm] - shadow 1:4.13+dfsg1-1+deb12u1 [buster] - shadow (Minor issue) https://bugzilla.redhat.com/show_bug.cgi?id=2215945 shadow-maint/shadow@65c88a4 (4.14.0-rc1) Affected range <1:4.13+dfsg1-1+deb12u1 Fixed version 1:4.13+dfsg1-1+deb12u1 EPSS Score 0.026% EPSS Percentile 6th percentile Description In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account. shadow 1:4.13+dfsg1-2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034482) [bookworm] - shadow 1:4.13+dfsg1-1+deb12u1 [buster] - shadow (Minor issue) Control character check shadow-maint/shadow#687 Fixed by: shadow-maint/shadow@e5905c4 (4.14.0-rc1) Regression fix: shadow-maint/shadow@2eaea70 (4.14.0-rc1) https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797 https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/

openssl 3.0.15-1~deb12u1 (deb) pkg:deb/debian/[email protected]~deb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <3.0.16-1~deb12u1 Fixed version 3.0.16-1~deb12u1 EPSS Score 0.024% EPSS Percentile 5th percentile Description Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring the timing would require either local access to the signing application or a very fast network connection with low latency. There is a timing signal of around 300 nanoseconds when the top word of the inverted ECDSA nonce value is zero. This can happen with significant probability only for some of the supported elliptic curves. In particular the NIST P-521 curve is affected. To be able to measure this leak, the attacker process must either be located in the same physical computer or must have a very fast network connection with low latency. For that reason the severity of this vulnerability is Low. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are affected by this issue. openssl 3.4.1-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094027) [bookworm] - openssl 3.0.16-1~deb12u1 [bullseye] - openssl (Minor issue; can be fixed in next update) https://openssl-library.org/news/secadv/20250120.txt openssl/openssl@77c608f (openssl-3.4.1) openssl/openssl@392dcb3 (openssl-3.3.3) openssl/openssl@4b1cb94 (openssl-3.2.4) openssl/openssl@2af62e7 (openssl-3.1.8) openssl/openssl@07272b0 (openssl-3.0.16) Affected range >=3.0.11-1~deb12u2 Fixed version Not Fixed EPSS Score 0.098% EPSS Percentile 29th percentile Description OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack." http://www.eecs.umich.edu/~valeria/research/publications/DATE10RSA.pdf openssl/openssl#24540 Fault injection based attacks are not within OpenSSLs threat model according to the security policy: https://www.openssl.org/policies/general/security-policy.html

python3.11 3.11.2-6+deb12u5 (deb) pkg:deb/debian/[email protected]%2Bdeb12u5?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <3.11.2-6+deb12u6 Fixed version 3.11.2-6+deb12u6 EPSS Score 1.024% EPSS Percentile 76th percentile Description The Python standard library functions urllib.parse.urlsplit and urlparse accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers. python3.13 3.13.2-1 python3.12 3.12.9-1 python3.11 [bookworm] - python3.11 3.11.2-6+deb12u6 python3.9 pypy3 7.3.18+dfsg-2 [bookworm] - pypy3 (Minor issue) [bullseye] - pypy3 (Minor issue) https://mail.python.org/archives/list/[email protected]/thread/K4EUG6EKV6JYFIC24BASYOZS4M5XOQIB/ [CVE-2025-0938] urlparse does not flag hostname *containing* [ or ] as incorrect python/cpython#105704 gh-105704: Disallow square brackets ([ and ]) in domain names for parsed URLs python/cpython#129418 Fixed by: python/cpython@d89a5f6 Fixed by: python/cpython@90e526a (v3.13.2) Fixed by: python/cpython@a7084f6 (v3.12.9) [3.11] gh-105704: Disallow square brackets ([ and ]) in domain names for parsed URLs (GH-129418) python/cpython#129528 (3.11) [3.9] gh-105704: Disallow square brackets ([ and ]) in domain names for parsed URLs (GH-129418) python/cpython#129530 (3.9) Affected range <3.11.2-6+deb12u6 Fixed version 3.11.2-6+deb12u6 EPSS Score 0.167% EPSS Percentile 39th percentile Description During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers. python3.13 3.13.0~b1-1 python3.12 3.12.9-1 python3.11 [bookworm] - python3.11 3.11.2-6+deb12u6 python3.9 email: address list folding encodes list-separator comma python/cpython#100884 Regression issue: Error parsing email headers: AttributeError: 'ValueTerminal' object has no attribute 'fold' python/cpython#118643 https://mail.python.org/archives/list/[email protected]/thread/MB62IZMEC3UM6SGHP5LET5JX2Y7H4ZUR/ Fixed by: python/cpython@09fab93 (v3.13.0a5) Regression fixed by: python/cpython@6892b40 (v3.13.0b2) Fixed by: python/cpython@9148b77 (v3.12.3) Regression fixed by: python/cpython@8c96850 (v3.12.4) Fixed by: python/cpython@70754d2 (v3.11.9) Regression Fixed by: python/cpython@4762b36 (v3.11.10) Introduced by: python/cpython@0b6f6c8 (v3.3.0a4)

postgresql-15 15.12-0+deb12u2 (deb) pkg:deb/debian/[email protected]%2Bdeb12u2?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <15.13-0+deb12u1 Fixed version 15.13-0+deb12u1 EPSS Score 0.049% EPSS Percentile 15th percentile Description Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected. postgresql-17 17.5-1 postgresql-15 [bookworm] - postgresql-15 15.13-0+deb12u1 postgresql-13 https://www.postgresql.org/about/news/postgresql-175-169-1513-1418-and-1321-released-3072/ https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=ec5f89e8a29f32c7dbc4dd8734ed8406d771de2f (REL_17_5) https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=44ba3f55f552b56b2fbefae028fcf3ea5b53461d (REL_15_13) https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=cbadeaca9271a1bade8ef9790bae09dc92e0ed30 (REL_13_21)

openssh 1:9.2p1-2+deb12u5 (deb) pkg:deb/debian/openssh@1%3A9.2p1-2%2Bdeb12u5?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <1:9.2p1-2+deb12u6 Fixed version 1:9.2p1-2+deb12u6 EPSS Score 0.030% EPSS Percentile 7th percentile Description In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. openssh 1:10.0p1-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603) [bookworm] - openssh 1:9.2p1-2+deb12u6 https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html Fixed by: openssh/openssh-portable@fc86875 (V_10_0_P1)

libcap2 1:2.66-4 (deb) pkg:deb/debian/libcap2@1%3A2.66-4?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <1:2.66-4+deb12u1 Fixed version 1:2.66-4+deb12u1 EPSS Score 0.021% EPSS Percentile 4th percentile Description The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized as group names. This may result in nonintended users being granted an inherited capability set, potentially leading to security risks. Attackers can exploit this vulnerability to achieve local privilege escalation on systems where /etc/security/capability.conf is used to configure user inherited privileges by constructing specific usernames. libcap2 1:2.73-4 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098318) [bookworm] - libcap2 1:2.66-4+deb12u1 https://bugzilla.openanolis.cn/show_bug.cgi?id=18804 Fixed by: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=1ad42b66c3567481cc5fa22fc1ba1556a316d878 (cap/v1.2.74-rc4)

binutils 2.40-2 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.014% EPSS Percentile 2nd percentile Description A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32716 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.100% EPSS Percentile 29th percentile Description A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32644 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b425859021d17adf62f06fb904797cf8642986ad binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.106% EPSS Percentile 30th percentile Description A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32643 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=931494c9a89558acb36a03a340c01726545eef24 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.098% EPSS Percentile 29th percentile Description A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32642 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.107% EPSS Percentile 30th percentile Description A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer explains, that "[t]his bug has been fixed at some point between the 2.43 and 2.44 releases". binutils 2.44-1 (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32640 binutils not covered by security support No exact commits pinpointed, but upstream confirms this fixed in 2.44 Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.138% EPSS Percentile 35th percentile Description A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32638 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75086e9de1707281172cc77f178e7949a4414ed0 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.107% EPSS Percentile 30th percentile Description A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32636 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f9978defb6fab0bd8583942d97c112b0932ac814 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.125% EPSS Percentile 33rd percentile Description A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32603 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.059% EPSS Percentile 19th percentile Description A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master." binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32576 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.059% EPSS Percentile 19th percentile Description A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master." binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32576 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.059% EPSS Percentile 19th percentile Description A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfd_malloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master." binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32576 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.059% EPSS Percentile 19th percentile Description A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master." binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32576 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.132% EPSS Percentile 34th percentile Description A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of the component ld. The manipulation leads to memory leak. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master." binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32576 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.123% EPSS Percentile 33rd percentile Description A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32556 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.093% EPSS Percentile 28th percentile Description A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component. binutils 2.43.90.20250122-1 (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32560 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=baac6c221e9d69335bf41366a1c7d87d8ab2f893 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.019% EPSS Percentile 3rd percentile Description https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incorrect Access Control. The type of exploitation is: local. The component is: nm --without-symbol-version function. binutils 2.43.50.20241221-1 (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32467 Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f8987d3999edb26e757115fe87be55787d510b9 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.032% EPSS Percentile 8th percentile Description GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files. binutils 2.44-1 (unimportant) https://bushido-sec.com/index.php/2024/12/05/binutils-objdump-tekhex-buffer-overflow/ https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e0323071916878e0634a6e24d8250e4faff67e88 (binutils-2_44) binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.045% EPSS Percentile 14th percentile Description A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. binutils 2.41-1 (unimportant) https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff;f=bfd/elf.c;h=185028cbd97ae0901c4276c8a4787b12bb75875a;hp=027d01437352555bc4ac0717cb0486c751a7775d;hb=c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57;hpb=f2f9bde5cde7ff34ed0a4c4682a211d402aa1086 https://sourceware.org/bugzilla/show_bug.cgi?id=30285 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.115% EPSS Percentile 32nd percentile Description An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. binutils (unimportant) https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1927070 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.385% EPSS Percentile 59th percentile Description An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression. binutils (unimportant) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 1.070% EPSS Percentile 77th percentile Description A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt. binutils (unimportant) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629 https://sourceware.org/bugzilla/show_bug.cgi?id=24043 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.100% EPSS Percentile 29th percentile Description The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm. binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=24039 binutils not covered by security support Affected range >=2.40-2 Fixed version Not Fixed EPSS Score 0.255% EPSS Percentile 49th percentile Description The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). binutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=22009 Underlying bug is though in the C++ demangler part of libiberty, but MITRE has assigned it specifically to the issue as raised within binutils. binutils not covered by security support

openjpeg2 2.5.0-2+deb12u1 (deb) pkg:deb/debian/[email protected]%2Bdeb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.313% EPSS Percentile 54th percentile Description Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). openjpeg2 (unimportant) uclouvain/openjpeg@c277159 Debian binary packages built with BUILD_MJ2:BOOL=OFF Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.597% EPSS Percentile 68th percentile Description An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. openjpeg2 (unimportant) Potential heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c  uclouvain/openjpeg#1127 We build with -DBUILD_MJ2:BOOL=OFF Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.439% EPSS Percentile 62nd percentile Description An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow. openjpeg2 (unimportant) Missing checks for header_info.height and header_info.width in function pnmtoimage in src/bin/jpwl/convert.c, which can lead to heap buffer overflow uclouvain/openjpeg#1126 We build with -DBUILD_JPWL:BOOL=OFF Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 5.154% EPSS Percentile 89th percentile Description In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. openjpeg2 (unimportant) Similar vulnerable functions related to CVE-2017-14041 uclouvain/openjpeg#1044 Debian packaging does not build JPWL, has BUILD_JPWL:BOOL=OFF Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.400% EPSS Percentile 60th percentile Description An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2. openjpeg2 (unimportant) Out-of-Bounds Write issue can occur in function convert_32s_C1P1 (openjpeg-2.1.2/src/bin/jp2/convert.c:153) uclouvain/openjpeg#872 Fixed by: szukw000/openjpeg@cadff5f not built into the binary packages Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.449% EPSS Percentile 63rd percentile Description An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow. openjpeg2 (unimportant) Out-of-Bounds Write issue caused by integer overflow that can occur in function convert_8u32s_C1R()(openjpeg-2.1.2/src/bin/jp2/convert.c:368). uclouvain/openjpeg#871 Fixed by: szukw000/openjpeg@cadff5f not built into the binary packages Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.357% EPSS Percentile 57th percentile Description NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. openjpeg2 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844556) NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 uclouvain/openjpeg#860 No code injection, function only exposed in the CLI tool Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.357% EPSS Percentile 57th percentile Description NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. openjpeg2 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844555) NULL Pointer Access in function imagetopnm of convert.c:2226(jp2)  uclouvain/openjpeg#859 No code injection, function only exposed in the CLI tool Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.374% EPSS Percentile 58th percentile Description Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. openjpeg2 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844554) Heap Buffer Overflow in function imagetotga of convert.c(jp2):942 uclouvain/openjpeg#858 No code injection, function only exposed in the CLI tool Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.607% EPSS Percentile 69th percentile Description There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service. openjpeg2 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844553) NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) uclouvain/openjpeg#857 No code injection, function only exposed in the CLI tool Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.448% EPSS Percentile 62nd percentile Description There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service. openjpeg2 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844552) NULL point dereference in function imagetobmp of convertbmp.c uclouvain/openjpeg#856 No code injection, function only exposed in the CLI tool Affected range >=2.5.0-2+deb12u1 Fixed version Not Fixed EPSS Score 0.454% EPSS Percentile 63rd percentile Description NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files. openjpeg2 (unimportant) [CVE-2016-10505] Null Pointer Access in function imagetopnm of convert.c uclouvain/openjpeg#776 [CVE-2016-10505] Null Pointer Access in function sycc444_to_rgb of color.c uclouvain/openjpeg#784 [CVE-2016-10505] Null Pointer Access in function color_esycc_to_rgb of color.c uclouvain/openjpeg#785 [CVE-2016-10505] Null Pointer Access in function sycc422_to_rgb of color.c uclouvain/openjpeg#792

tiff 4.5.0-6+deb12u2 (deb) pkg:deb/debian/[email protected]%2Bdeb12u2?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=4.5.0-6+deb12u1 Fixed version Not Fixed EPSS Score 0.043% EPSS Percentile 12th percentile Description REJECTED REJECTED Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.017% EPSS Percentile 3rd percentile Description An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. tiff (unimportant) https://gitlab.com/libtiff/libtiff/-/issues/606 Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/1e7d217a323eac701b134afc4ae39b6bdfdbc96a Crash in CLI tool, no security impact Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.010% EPSS Percentile 1st percentile Description A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. tiff (unimportant) https://gitlab.com/libtiff/libtiff/-/issues/542 Crash in CLI tool, no security impact Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.017% EPSS Percentile 2nd percentile Description A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. tiff (unimportant) https://gitlab.com/libtiff/libtiff/-/issues/536 https://gitlab.com/libtiff/libtiff/-/issues/537 Crash in CLI tool, no security impact Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.035% EPSS Percentile 9th percentile Description A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used. tiff (unimportant) [bullseye] - tiff (Minor issue) [buster] - tiff (Minor issue) https://gitlab.com/libtiff/libtiff/-/issues/402 Crash in CLI tool, no security impact Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.185% EPSS Percentile 41st percentile Description ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c. tiff (unimportant) http://bugzilla.maptools.org/show_bug.cgi?id=2786 Crash in CLI tool, no security impact Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.072% EPSS Percentile 23rd percentile Description In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release). tiff (unimportant) tiff3 (Does not ship libtiff-tools) http://bugzilla.maptools.org/show_bug.cgi?id=2690 bmp2tiff utility removed in 4.0.6-3 and 4.0.3-12.3+deb8u2 Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.586% EPSS Percentile 68th percentile Description LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. tiff (unimportant) http://bugzilla.maptools.org/show_bug.cgi?id=2664 bmp2tiff utility removed in 4.0.6-3 and 4.0.3-12.3+deb8u2 Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 0.614% EPSS Percentile 69th percentile Description In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue tiff (unimportant) tiff3 (unimportant) http://bugzilla.maptools.org/show_bug.cgi?id=2769 Details on the issue are not confirmed by the reporter after several attempts and this does like a non-issue. More reprodicibly reports are from SUSE in https://bugzilla.suse.com/show_bug.cgi?id=1074318#c5 claiming this might be a duplicate of CVE-2017-9935. Unless the reporter provides more details on upstream report go and consider this as non-issue. Affected range >=4.5.0-6+deb12u2 Fixed version Not Fixed EPSS Score 2.211% EPSS Percentile 84th percentile Description LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue tiff (unimportant) http://seclists.org/oss-sec/2017/q4/168 Related commit: https://gitlab.com/libtiff/libtiff/commit/25f9ffa56548c1846c4a1f19308b7f561f7b1ab0 This is actually only a partial fix, but upstream will not fix it completely. The related commit is included in 4.0.9. The underlying memory-based DOS would still be present. Affected range >=4.5.0-6 Fixed version Not Fixed Description REJECTED REJECTED Affected range >=4.5.0-6 Fixed version Not Fixed Description REJECTED REJECTED

elfutils 0.188-2.1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=0.188-2.1 Fixed version Not Fixed EPSS Score 0.029% EPSS Percentile 7th percentile Description A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelf_getsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is fbf1df9ca286de3323ae541973b08449f8d03aba. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32673 https://sourceware.org/git/?p=elfutils.git;a=fbf1df9ca286de3323ae541973b08449f8d03aba Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.188-2.1 Fixed version Not Fixed EPSS Score 0.029% EPSS Percentile 7th percentile Description A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is b16f441cca0a4841050e3215a9f120a6d8aea918. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32672 https://sourceware.org/git/?p=elfutils.git;a=commit;h=b16f441cca0a4841050e3215a9f120a6d8aea918 Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.188-2.1 Fixed version Not Fixed EPSS Score 0.025% EPSS Percentile 5th percentile Description A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 73db9d2021cab9e23fd734b0a76a612d52a6f1db. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32656 https://sourceware.org/bugzilla/show_bug.cgi?id=32657 https://sourceware.org/git/?p=elfutils.git;a=commit;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.188-2.1 Fixed version Not Fixed EPSS Score 0.025% EPSS Percentile 5th percentile Description A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handle_dynamic_symtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is identified as b38e562a4c907e08171c76b8b2def8464d5a104a. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32655 https://sourceware.org/git/?p=elfutils.git;a=commit;h=b38e562a4c907e08171c76b8b2def8464d5a104a Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.188-2.1 Fixed version Not Fixed EPSS Score 0.025% EPSS Percentile 5th percentile Description A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32654 https://sourceware.org/git/?p=elfutils.git;a=commit;h=5e5c0394d82c53e97750fe7b18023e6f84157b81 Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.188-2.1 Fixed version Not Fixed EPSS Score 0.100% EPSS Percentile 29th percentile Description A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=32650 Fixed by: https://sourceware.org/git/?p=elfutils.git;a=2636426a091bd6c6f7f02e49ab20d4cdc6bfc753 Crash in CLI tool, considered only to be a normal bug by upstream Affected range >=0.188-2.1 Fixed version Not Fixed EPSS Score 0.014% EPSS Percentile 2nd percentile Description elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. elfutils (unimportant) https://sourceware.org/bugzilla/show_bug.cgi?id=31058 https://sourceware.org/git/?p=elfutils.git;a=commit;h=373f5212677235fc3ca6068b887111554790f944 Crash in CLI tool, considered only to be a normal bug by upstream

patch 2.7.6-7 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.7.6-7 Fixed version Not Fixed EPSS Score 0.087% EPSS Percentile 26th percentile Description An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service. patch (unimportant) https://savannah.gnu.org/bugs/?61685 Negligible security impact Affected range >=2.7.6-7 Fixed version Not Fixed EPSS Score 11.377% EPSS Percentile 93rd percentile Description A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. patch (unimportant) https://savannah.gnu.org/bugs/index.php?53133 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300 When fixing this issue make sure to not apply only the incomplete fix, and opening CVE-2019-20633, cf. https://savannah.gnu.org/bugs/index.php?56683 Crash in CLI tool, no security impact Affected range >=2.7.6-7 Fixed version Not Fixed EPSS Score 23.094% EPSS Percentile 96th percentile Description An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. patch (unimportant) https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a https://savannah.gnu.org/bugs/index.php?53132 Crash in CLI tool, no security impact Affected range >=2.7.6-7 Fixed version Not Fixed EPSS Score 0.912% EPSS Percentile 75th percentile Description Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679. patch (unimportant) Applying a patch blindly opens more severe security issues than only directory traversal... openwall ships a fix See https://bugzilla.redhat.com/show_bug.cgi?id=667529 for details

systemd 252.36-1~deb12u1 (deb) pkg:deb/debian/[email protected]~deb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=252.36-1~deb12u1 Fixed version Not Fixed EPSS Score 0.094% EPSS Percentile 28th percentile Description An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." systemd (unimportant) Disputed by upstream https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf Affected range >=252.36-1~deb12u1 Fixed version Not Fixed EPSS Score 0.100% EPSS Percentile 29th percentile Description An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." systemd (unimportant) Disputed by upstream https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf Affected range >=252.36-1~deb12u1 Fixed version Not Fixed EPSS Score 0.128% EPSS Percentile 34th percentile Description An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." systemd (unimportant) Disputed by upstream https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf Affected range >=252.36-1~deb12u1 Fixed version Not Fixed EPSS Score 0.139% EPSS Percentile 35th percentile Description systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. systemd (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357) [wheezy] - systemd (/etc/tmpfiles.d not supported in Wheezy) https://bugzilla.redhat.com/show_bug.cgi?id=859060 only relevant to systems running systemd along with selinux

openldap 2.5.13+dfsg-5 (deb) pkg:deb/debian/[email protected]%2Bdfsg-5?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.5.13+dfsg-5 Fixed version Not Fixed EPSS Score 0.371% EPSS Percentile 58th percentile Description libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux. openldap (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965184) https://bugs.openldap.org/show_bug.cgi?id=9266 https://bugzilla.redhat.com/show_bug.cgi?id=1740070 RedHat/CentOS applied patch: https://git.centos.org/rpms/openldap/raw/67459960064be9d226d57c5f82aaba0929876813/f/SOURCES/openldap-tlso-dont-check-cn-when-bad-san.patch OpenLDAP upstream did dispute the issue as beeing valid, as the current libldap behaviour does conform with RFC4513. RFC6125 does not superseed the rules for verifying service identity provided in specifications for existing application protocols published prior to RFC6125, like RFC4513 for LDAP. Affected range >=2.5.13+dfsg-5 Fixed version Not Fixed EPSS Score 2.071% EPSS Percentile 83rd percentile Description contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. openldap (unimportant) http://www.openldap.org/its/index.cgi/Incoming?id=8759 nops slapd-module not built Affected range >=2.5.13+dfsg-5 Fixed version Not Fixed EPSS Score 0.111% EPSS Percentile 31st percentile Description slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as demonstrated by openldap-initscript. openldap (unimportant) http://www.openldap.org/its/index.cgi?findid=8703 Negligible security impact, but filed #877512 Affected range >=2.5.13+dfsg-5 Fixed version Not Fixed EPSS Score 2.147% EPSS Percentile 83rd percentile Description The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. openldap (unimportant) Debian builds with GNUTLS, not NSS

git 1:2.39.5-0+deb12u2 (deb) pkg:deb/debian/git@1%3A2.39.5-0%2Bdeb12u2?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1:2.39.5-0+deb12u2 Fixed version Not Fixed EPSS Score 0.078% EPSS Percentile 24th percentile Description Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources. git (unimportant) GHSA-7jjc-gg6m-3329 Terminal emulators need to perform proper escaping Affected range >=1:2.39.5-0+deb12u2 Fixed version Not Fixed EPSS Score 0.711% EPSS Percentile 71st percentile Description The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option. Note: This has been disputed by multiple 3rd parties who believe this is an intended feature of the git binary and does not pose a security risk. git (unimportant) https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/ CVE is specifically about --mirror documentation not mentioning the availability of deleted content. Affected range >=1:2.39.5-0+deb12u2 Fixed version Not Fixed EPSS Score 0.384% EPSS Percentile 59th percentile Description GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack). git (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889680) http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html Terminal emulators need to perform proper escaping

expat 2.5.0-1+deb12u1 (deb) pkg:deb/debian/[email protected]%2Bdeb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.5.0-1+deb12u1 Fixed version Not Fixed EPSS Score 0.474% EPSS Percentile 64th percentile Description libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). expat 2.6.1-2 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065868; unimportant) [CVE-2024-28757] Prevent billion laughs attacks in isolated external parser (part of #839) libexpat/libexpat#842 OSS-Fuzz/ClusterFuzz finding 66812 libexpat/libexpat#839 Fixed by: libexpat/libexpat@1d50b80 Tests: libexpat/libexpat@072eca0 Expat provides API to mitigate expansion attacks, ultimately under control of the app using Expat Cf. Billion laughs attack assessment for src:expat in CVE-2013-0340. Affected range >=2.5.0-1+deb12u1 Fixed version Not Fixed EPSS Score 0.019% EPSS Percentile 3rd percentile Description libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. expat 2.6.0-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063240; unimportant) [CVE-2023-52426] Fix issues for compilation with XML_DTD undefined libexpat/libexpat#777 libexpat/libexpat@0f075ec [CVE-2023-52426] Fix issues for compilation with XML_DTD undefined libexpat/libexpat#777 (comment) CVE is for fixing billion laughs attacks for users compiling without XML_DTD defined, which is not the case for Debian.

libheif 1.15.1-1+deb12u1 (deb) pkg:deb/debian/[email protected]%2Bdeb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1.15.1-1+deb12u1 Fixed version Not Fixed EPSS Score 0.059% EPSS Percentile 19th percentile Description libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack. libheif 1.17.6-2 (unimportant) Memory leaks in function JpegEncoder::Encode strukturag/libheif#1073 fix memory leaks in function JpegEncoder::Encode strukturag/libheif#1074 strukturag/libheif@877de6b Memory leak in example code Affected range >=1.15.1-1+deb12u1 Fixed version Not Fixed EPSS Score 0.164% EPSS Percentile 38th percentile Description libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc. libheif 1.17.6-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059151; unimportant) [buster] - libheif (Vulnerable code not present) SEGV libheif/libheif/exif.cc:88 in find_exif_tag strukturag/libheif#1042 strukturag/libheif@26ec395 (v1.17.6) Crash in CLI tool, no security impact (only affects example tool shipped in libheif-examples)

libgcrypt20 1.10.1-3 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1.10.1-3 Fixed version Not Fixed EPSS Score 0.196% EPSS Percentile 42nd percentile Description A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts. libgcrypt20 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065683) https://bugzilla.redhat.com/show_bug.cgi?id=2268268 https://lists.gnupg.org/pipermail/gcrypt-devel/2024-March/005607.html https://github.com/tomato42/marvin-toolkit/tree/master/example/libgcrypt https://people.redhat.com/~hkario/marvin/ https://dev.gnupg.org/T7136 https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/17 Not in scope for libgcrypt security policy, work ongoing to add support in the protocol layer Affected range >=1.10.1-3 Fixed version Not Fixed EPSS Score 1.266% EPSS Percentile 78th percentile Description cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation. libgcrypt20 (unimportant) libgcrypt11 (unimportant) gnupg1 (unimportant) gnupg (unimportant) https://github.com/weikengchen/attack-on-libgcrypt-elgamal https://github.com/weikengchen/attack-on-libgcrypt-elgamal/wiki https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004394.html GnuPG uses ElGamal in hybrid mode only. This is not a vulnerability in libgcrypt, but in an application using it in an insecure manner, see also https://lists.gnupg.org/pipermail/gcrypt-devel/2018-February/004401.html

m4 1.4.19-3 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1.4.19-3 Fixed version Not Fixed EPSS Score 2.196% EPSS Percentile 84th percentile Description Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries. m4 (unimportant) The file name is passed through a cmdline argument and m4 doesn't run with elevated privileges. Affected range >=1.4.19-3 Fixed version Not Fixed EPSS Score 2.727% EPSS Percentile 85th percentile Description The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename. m4 (unimportant) This is more a generic bug and not a security issue: the random output would need to match the name of an existing macro

perl 5.36.0-7+deb12u2 (deb) pkg:deb/debian/[email protected]%2Bdeb12u2?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=5.36.0-7+deb12u2 Fixed version Not Fixed EPSS Score 0.785% EPSS Percentile 73rd percentile Description HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. libhttp-tiny-perl 0.088-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962407; unimportant) [experimental] - perl 5.38.0~rc2-1 perl 5.38.2-2 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954089) https://www.openwall.com/lists/oss-security/2023/04/18/14 verify_SSL being true by default (redux) chansen/p5-http-tiny#134 https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/ https://hackeriet.github.io/cpan-http-tiny-overview/ Applications need to explicitly opt in to enable verification. Affected range >=5.36.0-7+deb12u2 Fixed version Not Fixed EPSS Score 0.815% EPSS Percentile 73rd percentile Description _is_safe in the File::Temp module for Perl does not properly handle symlinks. perl (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776268) http://thread.gmane.org/gmane.comp.security.oss.general/6174/focus=6177 File:Temp::_is_safe() allows unsafe traversal of symlinks [rt.cpan.org #69106] Perl-Toolchain-Gang/File-Temp#14

lcms2 2.14-2 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.14-2 Fixed version Not Fixed EPSS Score 0.138% EPSS Percentile 35th percentile Description A heap buffer overflow vulnerability has been identified in thesmooth2() in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there only as a helper for low-level programming and investigation." lcms2 (unimportant) Heap Buffer Overflow in smooth2() in cmsgamma.c mm2/Little-CMS#475 Fixed by: mm2/Little-CMS@ec399d6 Negligible security impact, affected fuction never called on normal color managment Affected range >=2.14-2 Fixed version Not Fixed EPSS Score 0.053% EPSS Percentile 17th percentile Description A heap buffer overflow vulnerability has been identified in the lcms2-2.16. The vulnerability exists in the UnrollChunkyBytes function in cmspack.c, which is responsible for handling color space transformations. mm2/Little-CMS#476 Not considered an issue in src:lcms2 but in the fuzzer

curl 7.88.1-10+deb12u12 (deb) pkg:deb/debian/[email protected]%2Bdeb12u12?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=7.88.1-10+deb12u12 Fixed version Not Fixed EPSS Score 0.107% EPSS Percentile 30th percentile Description When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. curl 8.12.0+git20250209.89ed161+ds-1 (unimportant) https://curl.se/docs/CVE-2025-0725.html Introduced with: curl/curl@019c408 (curl-7_10_5) Fixed by: curl/curl@76f83f0 (curl-8_12_0) Patch only drops officially support for zlib before 1.2.0.4 Can only be triggered when using ancient runtime zlib of version 1.2.0.3 or older Affected range >=7.88.1-10+deb12u12 Fixed version Not Fixed EPSS Score 0.208% EPSS Percentile 44th percentile Description libcurl skips the certificate verification for a QUIC connection under certain conditions, when built to use wolfSSL. If told to use an unknown/bad cipher or curve, the error path accidentally skips the verification and returns OK, thus ignoring any certificate problems. curl 8.7.1-1 (unimportant) https://curl.se/docs/CVE-2024-2379.html Introduced by: curl/curl@5d044ad (curl-8_6_0) Fixed by: curl/curl@aedbbdf (curl-8_7_0) curl in Debian not built with wolfSSL support

krb5 1.20.1-2+deb12u2 (deb) pkg:deb/debian/[email protected]%2Bdeb12u2?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <1.20.1-2+deb12u3 Fixed version 1.20.1-2+deb12u3 EPSS Score 0.027% EPSS Percentile 6th percentile Description Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. krb5 1.21.3-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064965) [bookworm] - krb5 1.20.1-2+deb12u3 [bullseye] - krb5 (Vulnerable code introduced later) [buster] - krb5 (Vulnerable code introduced later) https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md Introduced by: krb5/krb5@c85894c (krb5-1.20-beta1) Fixed by: krb5/krb5@7d0d85b (master) Fixed by: krb5/krb5@0c2de23 (krb5-1.21.3-final) https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html Affected range <1.20.1-2+deb12u3 Fixed version 1.20.1-2+deb12u3 Description krb5 1.21.3-5 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094730) [bookworm] - krb5 1.20.1-2+deb12u3 https://bugzilla.redhat.com/show_bug.cgi?id=2342796 Fixed by: krb5/krb5@78ceba0

gcc-12 12.2.0-14 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <12.2.0-14+deb12u1 Fixed version 12.2.0-14+deb12u1 EPSS Score 0.121% EPSS Percentile 33rd percentile Description DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables. The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity. NOTE: The GCC project argues that this is a missed hardening bug and not a vulnerability by itself. gcc-13 13.2.0-4 (unimportant) gcc-12 12.3.0-9 (unimportant) [bookworm] - gcc-12 12.2.0-14+deb12u1 gcc-11 11.4.0-4 (unimportant) gcc-10 10.5.0-3 (unimportant) gcc-9 9.5.0-6 (unimportant) gcc-8 (unimportant) gcc-7 (unimportant) GHSA-x7ch-h5rf-w2mf Not considered a security issue by GCC upstream https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64

gnupg2 2.2.40-1.1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.2.40-1.1 Fixed version Not Fixed EPSS Score 0.012% EPSS Percentile 1st percentile Description GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB. gnupg2 (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=2127010 https://dev.gnupg.org/D556 https://dev.gnupg.org/T5993 https://www.openwall.com/lists/oss-security/2022/07/04/8 GnuPG upstream is not implementing this change.

sqlite3 3.40.1-2+deb12u1 (deb) pkg:deb/debian/[email protected]%2Bdeb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=3.40.1-2+deb12u1 Fixed version Not Fixed EPSS Score 0.161% EPSS Percentile 38th percentile Description A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect. sqlite3 (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005974) sqlite (unimportant) https://github.com/guyinatuxedo/sqlite3_record_leaking https://bugzilla.redhat.com/show_bug.cgi?id=2054793 https://sqlite.org/forum/forumpost/056d557c2f8c452ed5bb9c215414c802b215ce437be82be047726e521342161e Negligible security impact

jansson 2.14-2 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.14-2 Fixed version Not Fixed EPSS Score 0.412% EPSS Percentile 60th percentile Description An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification jansson (unimportant) OOB Read memory corruption bug akheron/jansson#548 Disputed security impact (only if programmer fails to follow API specifications)

libxslt 1.1.35-1+deb12u1 (deb) pkg:deb/debian/[email protected]%2Bdeb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1.1.35-1+deb12u1 Fixed version Not Fixed EPSS Score 0.978% EPSS Percentile 76th percentile Description In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs. libxslt (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859796) https://bugzilla.gnome.org/show_bug.cgi?id=758400 https://bugzilla.suse.com/show_bug.cgi?id=934119 There's no indication that math.random() in intended to ensure cryptographic randomness requirements. Proper seeding needs to happen in the application using libxslt.

tar 1.34+dfsg-1.2+deb12u1 (deb) pkg:deb/debian/[email protected]%2Bdfsg-1.2%2Bdeb12u1?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1.34+dfsg-1.2+deb12u1 Fixed version Not Fixed EPSS Score 2.806% EPSS Percentile 85th percentile Description Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. This is intended behaviour, after all tar is an archiving tool and you need to give -p as a command line flag tar (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=328228; unimportant)

openexr 3.1.5-5 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=3.1.5-5 Fixed version Not Fixed EPSS Score 0.209% EPSS Percentile 44th percentile Description Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid openexr (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878551; unimportant) DOS bug while reading attributes in Header::readfrom AcademySoftwareFoundation/openexr#248 Issue in the use of openexr via ImageMagick, no real security impact

util-linux 2.38.1-5+deb12u3 (deb) pkg:deb/debian/[email protected]%2Bdeb12u3?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.38.1-5+deb12u3 Fixed version Not Fixed EPSS Score 0.025% EPSS Percentile 5th percentile Description A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4. util-linux (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=2053151 https://lore.kernel.org/util-linux/[email protected]/T/#u util-linux/util-linux@faa5a3a util-linux in Debian does build with readline support but chfn and chsh are provided by src:shadow and util-linux is configured with --disable-chfn-chsh

unzip 6.0-28 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=6.0-28 Fixed version Not Fixed EPSS Score 0.125% EPSS Percentile 33rd percentile Description A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. unzip (unimportant) https://bugzilla.redhat.com/show_bug.cgi?id=2044583 https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077 Crash in CLI tool, no security impact

pixman 0.42.2-1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=0.42.2-1 Fixed version Not Fixed EPSS Score 0.030% EPSS Percentile 7th percentile Description stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c. pixman (unimportant) https://gitlab.freedesktop.org/pixman/pixman/-/issues/76 Crash in test tool, no security impact

coreutils 9.1-1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=9.1-1 Fixed version Not Fixed EPSS Score 0.045% EPSS Percentile 14th percentile Description In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. coreutils (unimportant) http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html https://www.openwall.com/lists/oss-security/2018/01/04/3 Documentation patches proposed: https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html Neutralised by kernel hardening

imagemagick 8:6.9.11.60+dfsg-1.6+deb12u2 (deb) pkg:deb/debian/imagemagick@8%3A6.9.11.60%2Bdfsg-1.6%2Bdeb12u2?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <8:6.9.11.60+dfsg-1.6+deb12u3 Fixed version 8:6.9.11.60+dfsg-1.6+deb12u3 EPSS Score 0.023% EPSS Percentile 5th percentile Description In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. imagemagick 8:7.1.1.46+dfsg1-1 [bookworm] - imagemagick 8:6.9.11.60+dfsg-1.6+deb12u3 Fixed by: ImageMagick/ImageMagick@bac413a (7.1.1-44) Fixed by: ImageMagick/ImageMagick6@c99cbc8 (6.9.13-22)

cairo 1.16.0-7 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1.16.0-7 Fixed version Not Fixed EPSS Score 0.196% EPSS Percentile 42nd percentile Description cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function). cairo (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916083) https://gitlab.freedesktop.org/cairo/cairo/issues/341 Negligible security impact

gnutls28 3.7.9-2+deb12u4 (deb) pkg:deb/debian/[email protected]%2Bdeb12u4?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=3.7.9-2+deb12u4 Fixed version Not Fixed EPSS Score 5.423% EPSS Percentile 90th percentile Description The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. sun-java6 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=645881) [lenny] - sun-java6 (Non-free not supported) [squeeze] - sun-java6 (Non-free not supported) openjdk-6 6b23~pre11-1 openjdk-7 7~b147-2.0-1 iceweasel (Vulnerable code not present) http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/ chromium-browser 15.0.874.106~r107270-1 [squeeze] - chromium-browser lighttpd 1.4.30-1 strictly speaking this is no lighttpd issue, but lighttpd adds a workaround curl 7.24.0-1 http://curl.haxx.se/docs/adv_20120124B.html python2.6 2.6.8-0.1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684511) [squeeze] - python2.6 (Minor issue) python2.7 2.7.3~rc1-1 python3.1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678998) [squeeze] - python3.1 (Minor issue) python3.2 3.2.3~rc1-1 http://bugs.python.org/issue13885 python3.1 is fixed starting 3.1.5 cyassl gnutls26 (unimportant) gnutls28 (unimportant) No mitigation for gnutls, it is recommended to use TLS 1.1 or 1.2 which is supported since 2.0.0 haskell-tls (unimportant) No mitigation for haskell-tls, it is recommended to use TLS 1.1, which is supported since 0.2 matrixssl (low) [squeeze] - matrixssl (Minor issue) [wheezy] - matrixssl (Minor issue) matrixssl fix this upstream in 3.2.2 bouncycastle 1.49+dfsg-1 [squeeze] - bouncycastle (Minor issue) [wheezy] - bouncycastle (Minor issue) No mitigation for bouncycastle, it is recommended to use TLS 1.1, which is supported since 1.4.9 nss 3.13.1.with.ckbi.1.88-1 https://bugzilla.mozilla.org/show_bug.cgi?id=665814 https://hg.mozilla.org/projects/nss/rev/7f7446fcc7ab polarssl (unimportant) No mitigation for polarssl, it is recommended to use TLS 1.1, which is supported in all releases tlslite [wheezy] - tlslite (Minor issue) pound 2.6-2 Pound 2.6-2 added an anti_beast.patch to mitigate BEAST attacks. erlang 1:15.b-dfsg-1 [squeeze] - erlang (Minor issue) asterisk 1:13.7.2dfsg-1 [jessie] - asterisk 1:11.13.1dfsg-2+deb8u1 [wheezy] - asterisk (Minor issue) [squeeze] - asterisk (Not supported in Squeeze LTS) http://downloads.digium.com/pub/security/AST-2016-001.html https://issues.asterisk.org/jira/browse/ASTERISK-24972 patch for 11 (jessie): https://code.asterisk.org/code/changelog/asterisk?cs=f233bcd81d85626ce5bdd27b05bc95d131faf3e4 all versions vulnerable, backport required for wheezy

jbigkit 2.1-6.1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.1-6.1 Fixed version Not Fixed EPSS Score 0.354% EPSS Percentile 57th percentile Description In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack. jbigkit (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869708) http://bugzilla.maptools.org/show_bug.cgi?id=2707 The CVE was assigned for src:tiff by MITRE, but the issue actually lies in jbigkit itself.

libpng1.6 1.6.39-2 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=1.6.39-2 Fixed version Not Fixed EPSS Score 0.034% EPSS Percentile 9th percentile Description A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service. libpng1.6 (unimportant) A potential heap overflow issue pnggroup/libpng#302 Crash in CLI package, not shipped in binary packages

glib2.0 2.74.6-2+deb12u5 (deb) pkg:deb/debian/[email protected]%2Bdeb12u5?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range <2.74.6-2+deb12u6 Fixed version 2.74.6-2+deb12u6 EPSS Score 0.090% EPSS Percentile 27th percentile Description A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function. glib2.0 2.84.1-1 [bookworm] - glib2.0 2.74.6-2+deb12u6 https://gitlab.gnome.org/GNOME/glib/-/issues/3647 https://gitlab.gnome.org/GNOME/glib/-/commit/8d60d7dc168aee73a15eb5edeb2deaf196d96114 (2.83.4) https://gitlab.gnome.org/GNOME/glib/-/commit/2fa1e183613bf58d31151ecaceab91607ccc0c6d (2.83.4) https://gitlab.gnome.org/GNOME/glib/-/commit/0b225e7cd80801aca6e627696064d1698aaa85e7 (2.83.4) https://gitlab.gnome.org/GNOME/glib/-/commit/3672764a17c26341ab8224dcaddf3e7cad699443 (2.83.4) https://gitlab.gnome.org/GNOME/glib/-/commit/0ffdbebd9ab3246958e14ab33bd0c65b6f05fd13 (2.83.4) Introduced by https://gitlab.gnome.org/GNOME/glib/-/commit/491f835c17d200ede52c823ab1566c493479cdc1 (2.55.0)

apt 2.6.1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=2.6.1 Fixed version Not Fixed EPSS Score 1.550% EPSS Percentile 80th percentile Description It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. apt (unimportant; bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480) Not exploitable in Debian, since no keyring URI is defined

libyaml 0.2.5-1 (deb) pkg:deb/debian/[email protected]?os_distro=bookworm&os_name=debian&os_version=12 # Dockerfile (1:1) FROM node:23.11.0 Affected range >=0.2.5-1 Fixed version Not Fixed EPSS Score 0.043% EPSS Percentile 12th percentile Description libyaml 0.2.5 is vulnerable to a heap-based Buffer Overflow in yaml_document_add_sequence in api.c. REJECTED Affected range >=0.2.5-1 Fixed version Not Fixed EPSS Score 0.043% EPSS Percentile 12th percentile Description A vulnerability was found in yaml libyaml up to 0.2.5 and classified as critical. Affected by this issue is the function yaml_emitter_emit_flow_sequence_item of the file /src/libyaml/src/emitter.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. REJECTED

[github-actions]

Recommended fixes for image maleficarum/eversports:c1eaa5e935d2f8faf14b0a622ccc9816b6484d0f

Base image is node:23.11.0

Name	23.11.0
Digest	sha256:de2d8c00f6b1938eefdf575b5c1efa314a48dd8842a5983ec275cb11e8e6685c
Vulnerabilities
Pushed	1 month ago
Size	407 MB
Packages	748
Runtime	23.11.0

The base image is also available under the supported tag(s): 23, 23-bookworm, 23.11, 23.11-bookworm, bookworm, current, current-bookworm, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
23.11.1-slim Patch runtime version update Also known as: 23.11-slim 23-slim 23-bookworm-slim 23.11-bookworm-slim 23.11.1-bookworm-slim	Benefits: Patch runtime version update Image is smaller by 312 MB Image contains 422 fewer packages Tag was pushed more recently Image introduces no new vulnerability but removes 101 Tag is using slim variant Image details: Size: 80 MB Runtime: 23.11.1	4 days ago
23.11.1 Patch runtime version update Also known as: 23.11 23 23-bookworm 23.11-bookworm 23.11.1-bookworm	Benefits: Patch runtime version update Image is smaller by 93 KB Tag was pushed more recently Image has same number of vulnerabilities Image contains equal number of packages Image details: Size: 407 MB Runtime: 23.11.1	4 days ago
24.0.2-slim Tag is preferred tag Also known as: 24.0-slim current-slim 24-slim slim bookworm-slim 24-bookworm-slim 24.0-bookworm-slim 24.0.2-bookworm-slim current-bookworm-slim	Benefits: Image is smaller by 311 MB Image contains 428 fewer packages Tag is preferred tag Tag was pushed more recently Image introduces no new vulnerability but removes 101 Tag is using slim variant Image details: Size: 81 MB Runtime: 22	4 days ago