beats/elastic-agent-complete:8.9.1-amd64

Size
1426.66 MB
Architecture
amd64
Created
2023-08-10
Pull command
docker pull docker.elastic.co/beats/elastic-agent-complete:8.9.1-amd64

Vulnerability report

Critical

0

High

0

Medium

17

Low

17

Negligible

3

Unknown

0

Medium

CVEPackageVersionDescription
CVE-2023-38469avahi0.7-4ubuntu7.2assertion in avahi_dns_packet_append_record
CVE-2023-38472avahi0.7-4ubuntu7.2assertion in avahi_rdata_parse
CVE-2023-38473avahi0.7-4ubuntu7.2assertion in avahi_alternative_host_name
CVE-2023-38471avahi0.7-4ubuntu7.2assertion in dbus_set_host_name
CVE-2023-38470avahi0.7-4ubuntu7.2assertion in avahi_escape_label
CVE-2023-36054krb51.17-6ubuntu4.3lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
CVE-2023-37769pixman0.38.4-0ubuntu2.1stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c.
CVE-2023-4016procps2:3.3.16-1ubuntu2.3Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.
CVE-2016-1585apparmor2.13.3-7ubuntu5.2In all versions of AppArmor mount rules are accidentally widened when compiled.
CVE-2023-38288tiff4.1.0+git191117-2ubuntu0.20.04.8[libtiff: integer overflow in tiffcp.c]
CVE-2022-48281tiff4.1.0+git191117-2ubuntu0.20.04.8processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.
CVE-2023-25433tiff4.1.0+git191117-2ubuntu0.20.04.8libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.
CVE-2023-3618tiff4.1.0+git191117-2ubuntu0.20.04.8A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.
CVE-2023-38289tiff4.1.0+git191117-2ubuntu0.20.04.8[libtiff: potential integer overflow in raw2tiff.c]
CVE-2023-26966tiff4.1.0+git191117-2ubuntu0.20.04.8libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian.
CVE-2023-2908tiff4.1.0+git191117-2ubuntu0.20.04.8A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service.
CVE-2023-4156gawk1:5.0.1+dfsg-1[heap out of bound read in builtin.c]

Low

CVEPackageVersionDescription
CVE-2023-25193harfbuzz2.6.4-1ubuntu4.2hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
CVE-2022-3219gnupg22.2.19-3ubuntu2.2GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.
CVE-2023-34969dbus1.12.16-2ubuntu2.3D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.
CVE-2023-26604systemd245.4-4ubuntu3.22systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.
CVE-2023-2953openldap2.4.49+dfsg-2ubuntu1.9A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
CVE-2023-29383shadow1:4.8.1-1ubuntu5.20.04.4In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.
CVE-2013-4235shadow1:4.8.1-1ubuntu5.20.04.4shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
CVE-2016-2781coreutils8.30-3ubuntu2chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
CVE-2022-3857libpng1.61.6.37-2A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and denial of service in png_setup_paeth_row() function.
CVE-2017-7475cairo1.16.0-4ubuntu1Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
CVE-2018-18064cairo1.16.0-4ubuntu1cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).
CVE-2019-6461cairo1.16.0-4ubuntu1An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
CVE-2023-1916tiff4.1.0+git191117-2ubuntu0.20.04.8A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.
CVE-2018-10126tiff4.1.0+git191117-2ubuntu0.20.04.8LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.
CVE-2023-3316tiff4.1.0+git191117-2ubuntu0.20.04.8A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.
CVE-2023-26965tiff4.1.0+git191117-2ubuntu0.20.04.8loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
CVE-2023-3164tiff4.1.0+git191117-2ubuntu0.20.04.8buffer overflow in tiffcrop

Negligible

CVEPackageVersionDescription
CVE-2017-11164pcre32:8.39-12ubuntu0.1In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.
CVE-2016-20013glibc2.31-0ubuntu9.9sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password.
CVE-2023-3576tiff4.1.0+git191117-2ubuntu0.20.04.8leak in tiffcrop.c