Docker php:7.3.33 buster

critical severity

Directory Traversal

Vulnerable module:dpkg

Introduced through: dpkg@1.19.7, dpkg/dpkg-dev@1.19.7 and others

Fixed in:1.19.8

Detailed paths

  • Introduced through:php@7.3.33-buster > dpkg@1.19.7
  • Introduced through:php@7.3.33-buster > dpkg/dpkg-dev@1.19.7
  • Introduced through:php@7.3.33-buster > dpkg/libdpkg-perl@1.19.7

NVD Description

critical severity

SQL Injection

Vulnerable module:openldap/libldap-2.4-2

Introduced through:openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u6 and openldap/libldap-common@2.4.47+dfsg-3+deb10

Fixed in:2.4.47+dfsg-3+deb10u7

Detailed paths

  • Introduced through:php@7.3.33-buster > openldap/libldap-2.4-2@2.4.47+dfsg-3+deb10u6
  • Introduced through:php@7.3.33-buster > openldap/libldap-common@2.4.47+dfsg-3+deb10u6

NVD Description

critical severity

OS Command Injection

Vulnerable module:openssl

Introduced through:openssl@1.1.1d-0+deb10u8 and openssl/libssl1.1@1.1.1d-0+deb10u8

Fixed in:1.1.1n-0+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > openssl@1.1.1d-0+deb10u8
  • Introduced through:php@7.3.33-buster > openssl/libssl1.1@1.1.1d-0+deb10u8

NVD Description

critical severity

OS Command Injection

Vulnerable module:openssl

Introduced through:openssl@1.1.1d-0+deb10u8 and openssl/libssl1.1@1.1.1d-0+deb10u8

Fixed in:1.1.1n-0+deb10u3

Detailed paths

  • Introduced through:php@7.3.33-buster > openssl@1.1.1d-0+deb10u8
  • Introduced through:php@7.3.33-buster > openssl/libssl1.1@1.1.1d-0+deb10u8

NVD Description

critical severity

Out-of-bounds Write

Vulnerable module:zlib/zlib1g

Introduced through:zlib/zlib1g@1:1.2.11.dfsg-1

Detailed paths

  • Introduced through:php@7.3.33-buster > zlib/zlib1g@1:1.2.11.dfsg-1

NVD Description

high severity

Improper Authentication

Vulnerable module:curl

Introduced through:curl@7.64.0-4+deb10u2 and curl/libcurl4@7.64.0-4+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > curl@7.64.0-4+deb10u2
  • Introduced through:php@7.3.33-buster > curl/libcurl4@7.64.0-4+deb10u2

NVD Description

high severity

Information Exposure

Vulnerable module:gcc-8

Introduced through:gcc-8@8.3.0-6, gcc-8/cpp-8@8.3.0-6 and others

Detailed paths

  • Introduced through:php@7.3.33-buster > gcc-8@8.3.0-6
  • Introduced through:php@7.3.33-buster > gcc-8/cpp-8@8.3.0-6
  • Introduced through:php@7.3.33-buster > gcc-8/g++-8@8.3.0-6

NVD Description

high severity

Improper Certificate Validation

Vulnerable module:curl

Introduced through:curl@7.64.0-4+deb10u2 and curl/libcurl4@7.64.0-4+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > curl@7.64.0-4+deb10u2
  • Introduced through:php@7.3.33-buster > curl/libcurl4@7.64.0-4+deb10u2

NVD Description

high severity

Loop with Unreachable Exit Condition (‘Infinite Loop’)

Vulnerable module:curl

Introduced through:curl@7.64.0-4+deb10u2 and curl/libcurl4@7.64.0-4+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > curl@7.64.0-4+deb10u2
  • Introduced through:php@7.3.33-buster > curl/libcurl4@7.64.0-4+deb10u2

NVD Description

high severity

Integer Overflow or Wraparound

Vulnerable module:gmp/libgmp10

Introduced through:gmp/libgmp10@2:6.1.2+dfsg-4

Fixed in:2:6.1.2+dfsg-4+deb10u1

Detailed paths

  • Introduced through:php@7.3.33-buster > gmp/libgmp10@2:6.1.2+dfsg-4

NVD Description

high severity

Double Free

Vulnerable module:gnutls28/libgnutls30

Introduced through:gnutls28/libgnutls30@3.6.7-4+deb10u7

Fixed in:3.6.7-4+deb10u9

Detailed paths

  • Introduced through:php@7.3.33-buster > gnutls28/libgnutls30@3.6.7-4+deb10u7

NVD Description

high severity

Use After Free

Vulnerable module:libxml2

Introduced through:libxml2@2.9.4+dfsg1-7+deb10u2

Fixed in:2.9.4+dfsg1-7+deb10u3

Detailed paths

  • Introduced through:php@7.3.33-buster > libxml2@2.9.4+dfsg1-7+deb10u2

NVD Description

high severity

Out-of-bounds Write

Vulnerable module:zlib/zlib1g

Introduced through:zlib/zlib1g@1:1.2.11.dfsg-1

Fixed in:1:1.2.11.dfsg-1+deb10u1

Detailed paths

  • Introduced through:php@7.3.33-buster > zlib/zlib1g@1:1.2.11.dfsg-1

NVD Description

medium severity

Allocation of Resources Without Limits or Throttling

Vulnerable module:curl

Introduced through:curl@7.64.0-4+deb10u2 and curl/libcurl4@7.64.0-4+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > curl@7.64.0-4+deb10u2
  • Introduced through:php@7.3.33-buster > curl/libcurl4@7.64.0-4+deb10u2

NVD Description

medium severity

Insufficiently Protected Credentials

Vulnerable module:curl

Introduced through:curl@7.64.0-4+deb10u2 and curl/libcurl4@7.64.0-4+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > curl@7.64.0-4+deb10u2
  • Introduced through:php@7.3.33-buster > curl/libcurl4@7.64.0-4+deb10u2

NVD Description

medium severity

Arbitrary Code Injection

Vulnerable module:gnupg2/gpgv

Introduced through:gnupg2/gpgv@2.2.12-1+deb10u1

Fixed in:2.2.12-1+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > gnupg2/gpgv@2.2.12-1+deb10u1

NVD Description

medium severity

Integer Overflow or Wraparound

Vulnerable module:libxml2

Introduced through:libxml2@2.9.4+dfsg1-7+deb10u2

Fixed in:2.9.4+dfsg1-7+deb10u4

Detailed paths

  • Introduced through:php@7.3.33-buster > libxml2@2.9.4+dfsg1-7+deb10u2

NVD Description

medium severity

Out-of-bounds Write

Vulnerable module:curl

Introduced through:curl@7.64.0-4+deb10u2 and curl/libcurl4@7.64.0-4+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > curl@7.64.0-4+deb10u2
  • Introduced through:php@7.3.33-buster > curl/libcurl4@7.64.0-4+deb10u2

NVD Description

medium severity

Insufficiently Protected Credential

Vulnerable module:curl

Introduced through:curl@7.64.0-4+deb10u2 and curl/libcurl4@7.64.0-4+deb10u2

Detailed paths

  • Introduced through:php@7.3.33-buster > curl@7.64.0-4+deb10u2
  • Introduced through:php@7.3.33-buster > curl/libcurl4@7.64.0-4+deb10u2

NVD Description

We are hiring
Speed Test