Cloudsmith - Repositories - Xenit Solutions (xenit) - open-source (open-source) - contentgrid/pathfinder

Package Search Help

You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.

Search by package name:
my-package _(implicit)
name:my-package _(explicit)

Search by package filename:
my-package.ext _(implicit)
filename:my-package.ext _(explicit)

Search by package tag:
latest _(implicit)
tag:latest _(explicit)

Search by package version:
1.0.0 _(implicit)
version:1.0.0 _(explicit)
prerelease:true _{(prereleases)}
prerelease:false _{(no prereleases)}

Search by package architecture:
architecture:x86_64

Search by package distribution:
distribution:el

Search by package license:
license:MIT

Search by package format:
format:deb

Search by package status:
status:in_progress

Search by package file checksum:
checksum:5afba

Search by package security status:
severity:critical

Search by package vulnerabilities:
vulnerabilities:>1
vulnerabilities:<1000

Search by # of package downloads:
downloads:>8
downloads:<100

Search by package type:
type:binary
type:source

Search by package size (bytes):
size:>50000
size:<10000

Search by dependency name/version:
dependency:log4j
dependency:log4j=1.0.0
dependency:log4j>1.0.0

Search by uploaded date:
uploaded:>"1 day ago"
uploaded:<"August 14, 2022 EST"

Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY

Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true

Search by repository:
repository:repo-name

Search queries for all Debian-specific (and related) package types

Search by component:
deb_component:unstable

Search queries for all Maven-specific (and related) package types

Search by group ID:
maven_group_id:org.apache

Search queries for all Docker-specific (and related) package types

Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)

Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)

Field type modifiers (depending on the type, you can influence behaviour)

For all queries, you can use:
~foo for negation

For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching

For number/date or version queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal

Need a secure and centralised artifact repository to deliver Alpine, Cargo, CocoaPods, Composer, Conan, Conda, CRAN, Dart, Debian, Docker, Go, Helm, Hex, LuaRocks, Maven, npm, NuGet, P2, Python, RedHat, Ruby, Swift, Terraform, Vagrant, Raw & More packages?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial

Set Me Up

Open-Source — xenit (Xenit Solutions) / open-source — GitHub Project

A certifiably-awesome open-source package repository curated by Xenit Solutions, hosted by Cloudsmith.

Note: Packages in this repository are licensed as Apache License 2.0 (dependencies may be licensed differently).

contentgrid/pathfinder 699af593bd855cc4acaff190fe9…

Download

One-liner (summary)

A certifiably-awesome package curated by github, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by github, hosted by Cloudsmith.

License

Unknown

Size

131.1 MB

Downloads

Tags

image amd64 linux

Status	Completed
GPG Signature	Download
Storage Region	Frankfurt, Germany
Type	Binary (contains binaries and binary artifacts)
Uploaded At	1 year, 5 months ago
Uploaded By
Slug Id	contentgridpathfinder-cg4
Unique Id	N4r2b3tKRhrn
Version (Raw)	699af593bd855cc4acaff190fe962dd0f1dfeef25e9a6f81023839ac36ad1d74
Version (Parsed)	Type: Unknown
	docker-specific metadata
Image Digest	sha256:699af593bd855cc4acaff190fe962dd0f1dfeef25e9a6f81023839ac36ad1d74
Config Digest	sha256:d7281eae96842c660ad63e16346e3b9b8c5557d18e7fe8b0a2c0025849ab9a5f
V1 OCI Index Digest	sha256:2aa17dde6718109ded5e0b6cc6a70df0bb373d731768a9047d6b8442bea3f831
V1 Distribution (Signed) Digest	sha256:4101ecf3d3f1cbf49395e16966162e5025e1efed6bb277050c0a7690a2fa971c
V1 OCI Digest	sha256:d6e48d8b6997817ed5ba6ce271690f32b06cb89c8b12441a30fefb017090b9ec
V2 Distribution List Digest	sha256:5f10b5da00ee89f0167a5cce6486c9e5b36c956a603f97353d01ee913dc1daf4
V1 Distribution Digest	sha256:f9441abe5986e251ee928d0a61f2e0e7093e31cc3977e21052fd2231153ab3ba
V2 Distribution Digest	sha256:699af593bd855cc4acaff190fe962dd0f1dfeef25e9a6f81023839ac36ad1d74
	extended metadata
Manifest Type	V2 Distribution
Architecture	amd64
Config	Entrypoint /cnb/process/web Env CNB_APP_DIR=/workspace \| CNB_DEPRECATION_MODE=quiet \| CNB_LAYERS_DIR=/layers \| CNB_PLATFORM_API=0.10 \| PATH=/cnb/process:/cnb/lifecycle:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin Labels 'org.springframework.boot.version' '3.0.4' Labels 'org.opencontainers.image.title' 'contentgrid-pathfinder' Labels 'org.opencontainers.image.version' '0.0.1-SNAPSHOT' Labels 'io.buildpacks.build.metadata' '{"buildpacks":[{"id":"paketo-buildpacks/ca-certificates","version":"3.6.0","homepage":"https://github.com/paketo-buildpacks/ca-certificates"},{"id":"paketo-buildpacks/bellsoft-liberica","version":"9.11.0","homepage":"https://github.com/paketo-buildpacks/b' Labels 'io.buildpacks.lifecycle.metadata' '{"app":[{"sha":"sha256:d8a0c22d88dd4b6a35d2c549e5909e219b8be5bbc7ef5e47208cc74fb5976d43"},{"sha":"sha256:0345504805f0312cf76cb4aab197e263a98d1fbec821459bfe0a1e072137f21c"},{"sha":"sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"},{' Labels 'io.buildpacks.project.metadata' '{}' Labels 'io.buildpacks.stack.description' 'ubuntu:bionic with some common dependencies like tzdata and openssl' Labels 'io.buildpacks.stack.distro.name' 'ubuntu' Labels 'io.buildpacks.stack.distro.version' '18.04' Labels 'io.buildpacks.stack.homepage' 'https://github.com/paketo-buildpacks/bionic-base-stack' Labels 'io.buildpacks.stack.id' 'io.buildpacks.stacks.bionic' Labels 'io.buildpacks.stack.maintainer' 'Paketo Buildpacks' Labels 'io.buildpacks.stack.metadata' '{}' Labels 'io.buildpacks.stack.mixins' '["libsemanage1","libstdc++6","libzstd1","libmount1","libpcre3","procps","gpgv","mawk","tar","mount","libc-bin","libseccomp2","libp11-kit0","locales","sed","bzip2","gzip","libfdisk1","libbz2-1.0","libc6","base-files","libcap-ng0","libselinux1","libdebconfc' Labels 'io.buildpacks.stack.released' '2023-03-20T14:37:48Z' Labels 'io.paketo.stack.packages' '[{"name":"adduser","version":"3.116ubuntu1","arch":"all","source":{"name":""},"summary":"add and remove users and groups"},{"name":"apt","version":"1.6.14","arch":"amd64","source":{"name":""},"summary":"commandline package manager"},{"name":"base-files","' Labels 'org.opencontainers.image.ref.name' 'ubuntu' User 1000:1000 Working Dir /workspace
Created	1980-01-01 00:00:01 UTC
Os	linux

This package was uploaded with the following V2 Distribution manifest:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 30007,
      "digest": "sha256:442d4ac9abd1bcdb4c2bde8121a66b48629eeb163d21e70bde46ff3efde1bee1"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 26710746,
         "digest": "sha256:cd150c608fee7837e3a5b28be5c7b540eaf4efa27b3b755d55326470691ce2df"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 236,
         "digest": "sha256:a951b3606bbf6634bbda347e31bb2d023e707ee69b66ff2aefce2082ef94d165"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 269,
         "digest": "sha256:4f9294eb453ccf65abf9095f6aab03551337f46236b31b0e5477d8c22898e51e"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 8443020,
         "digest": "sha256:93df32f034a44d23ef5018e222022a6330f34b0534c20680dd17fbe6ae744675"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 457,
         "digest": "sha256:d64c3a3912bcab995712a425580ce722b4730bad63cec91f38be670ea0216a00"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 766,
         "digest": "sha256:8519bfd9465d3d35aeebfe4c3d69191b8ae2a0fd1092d25e613427a43b091c23"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 404,
         "digest": "sha256:c0ab769f82e345e87dcd83e7b1fe1c89c6bee97a69c0cd0c2c5231682dc40135"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1421897,
         "digest": "sha256:f11a03a9725e4f277e7a56e03a99f2017455612c568920c00aa88158386d6950"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1563411,
         "digest": "sha256:364399075890a13f02063dfbf2ecbf576d1be58e67e13084c99c5861f1b8642d"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 376,
         "digest": "sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 53561303,
         "digest": "sha256:c78b6f030ff867e1a40b3174e1232fb2581fe992c8260d1ab1717e818f31d15b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 273,
         "digest": "sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 734402,
         "digest": "sha256:46088954c5cc872ab3957c0ca9bebdd68bc97b3f20349fbc6101fa4cff3f2009"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 54041,
         "digest": "sha256:c3bb63ae433b788c45d616b3608a358ff9a30ca35c1e15c8cbd7465abaf93c42"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 260,
         "digest": "sha256:e2fea22f3a9e23981400ba7e992df5cdd3b0a9b7733fa4fb0d93fc40afadbd13"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 293665,
         "digest": "sha256:2376e613c8c8a58041ee722cfde51ca2eed981799483c8a4dfe0fc1e242b8425"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 43590151,
         "digest": "sha256:e6ca1f64cb897abda2dadbcad4f80937716b6be27db89edcbb72ac2f16af79fb"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 82238,
         "digest": "sha256:7e3fb9fe2289fe6ed3c971a6ce676716192c6329f192ee638eb7294719a7ef27"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 17391,
         "digest": "sha256:a20dbc6f838eb5515891d755862fa24eabb1718bf5078afd9fd0070a59283d38"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1021172,
         "digest": "sha256:3905ab58d7a2e590bb4e6fa9db85c17fdca677d9523370434e8621527e22586a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 621,
         "digest": "sha256:f3f2f7e36d040dca8712cad77c1d0a90c097ce015d15cfe290d0c8745faded36"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 198,
         "digest": "sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be"
      }
   ]
}

	Digest: sha256:cd150c608fee7837e3a5b28be5c7b540eaf4efa27b3b755d55326470691ce2df Command: /bin/sh NOP	25.5 MB
	Digest: sha256:a951b3606bbf6634bbda347e31bb2d023e707ee69b66ff2aefce2082ef94d165 Command: /bin/sh NOP	236 bytes
	Digest: sha256:4f9294eb453ccf65abf9095f6aab03551337f46236b31b0e5477d8c22898e51e Command: /bin/sh NOP	269 bytes
	Digest: sha256:93df32f034a44d23ef5018e222022a6330f34b0534c20680dd17fbe6ae744675 Command: /bin/sh NOP	8.1 MB
	Digest: sha256:d64c3a3912bcab995712a425580ce722b4730bad63cec91f38be670ea0216a00 Command: /bin/sh NOP	457 bytes
	Digest: sha256:8519bfd9465d3d35aeebfe4c3d69191b8ae2a0fd1092d25e613427a43b091c23 Command: /bin/sh NOP	766 bytes
	Digest: sha256:c0ab769f82e345e87dcd83e7b1fe1c89c6bee97a69c0cd0c2c5231682dc40135 Command: /bin/sh NOP	404 bytes
	Digest: sha256:f11a03a9725e4f277e7a56e03a99f2017455612c568920c00aa88158386d6950 Command: /bin/sh NOP	1.4 MB
	Digest: sha256:364399075890a13f02063dfbf2ecbf576d1be58e67e13084c99c5861f1b8642d Command: /bin/sh NOP	1.5 MB
	Digest: sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10 Command: /bin/sh NOP	376 bytes
	Digest: sha256:c78b6f030ff867e1a40b3174e1232fb2581fe992c8260d1ab1717e818f31d15b Command: /bin/sh NOP	51.1 MB
	Digest: sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31 Command: /bin/sh NOP	273 bytes
	Digest: sha256:46088954c5cc872ab3957c0ca9bebdd68bc97b3f20349fbc6101fa4cff3f2009 Command: /bin/sh NOP	717.2 KB
	Digest: sha256:c3bb63ae433b788c45d616b3608a358ff9a30ca35c1e15c8cbd7465abaf93c42 Command: /bin/sh NOP	52.8 KB
	Digest: sha256:e2fea22f3a9e23981400ba7e992df5cdd3b0a9b7733fa4fb0d93fc40afadbd13 Command: /bin/sh NOP	260 bytes
	Digest: sha256:2376e613c8c8a58041ee722cfde51ca2eed981799483c8a4dfe0fc1e242b8425 Command: /bin/sh NOP	286.8 KB
	Digest: sha256:e6ca1f64cb897abda2dadbcad4f80937716b6be27db89edcbb72ac2f16af79fb Command: /bin/sh NOP	41.6 MB
	Digest: sha256:7e3fb9fe2289fe6ed3c971a6ce676716192c6329f192ee638eb7294719a7ef27 Command: /bin/sh NOP	80.3 KB
	Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Command: /bin/sh NOP	32 bytes
	Digest: sha256:a20dbc6f838eb5515891d755862fa24eabb1718bf5078afd9fd0070a59283d38 Command: /bin/sh NOP	17.0 KB
	Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Command: /bin/sh NOP	32 bytes
	Digest: sha256:3905ab58d7a2e590bb4e6fa9db85c17fdca677d9523370434e8621527e22586a Command: /bin/sh NOP	997.2 KB
	Digest: sha256:f3f2f7e36d040dca8712cad77c1d0a90c097ce015d15cfe290d0c8745faded36 Command: /bin/sh NOP	621 bytes
	Digest: sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be Command: /bin/sh NOP	198 bytes

contentgrid/pathfinder 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 131.1 MB — 1 year, 5 months ago	2
contentgrid/pathfinder b78f46913fef5f7aa1b718ce1429b3688974ad6…	image amd64 linux 131.1 MB — 1 year, 5 months ago	1
contentgrid/pathfinder 7155da73d0b2980905c3b01f81c2fd65614ab3a…	image amd64 linux 131.1 MB — 1 year, 5 months ago	1
contentgrid/pathfinder 901cfd8592d8f1da064d2e3a3b4ed430a0214dc…	image amd64 linux 131.1 MB — 1 year, 5 months ago	0
contentgrid/pathfinder be0319424f83eca2a5d61b590fa8922f83b9a3b…	image amd64 linux 131.1 MB — 1 year, 5 months ago	0
contentgrid/pathfinder af7436979a8fec0a3c8aa5d418e6e1ecb65e9e1…	image amd64 linux 128.9 MB — 1 year, 5 months ago	0
contentgrid/pathfinder f24581e14d87cc5a37179bb8d9215b25cd54793…	image amd64 linux 128.9 MB — 1 year, 5 months ago	0
contentgrid/pathfinder bca2c41a0d40c109801d9a9d95c724adae1c2d1…	image amd64 linux 128.9 MB — 1 year, 5 months ago	0
contentgrid/pathfinder 98a77e59a910d1f711cac5cac1270507455fdd7…	image amd64 linux 128.9 MB — 1 year, 5 months ago	0
contentgrid/pathfinder 699af593bd855cc4acaff190fe962dd0f1dfeef…	image amd64 linux 131.1 MB — 1 year, 5 months ago	0
contentgrid/pathfinder 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 131.1 MB — 1 year, 5 months ago	2
contentgrid/pathfinder 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 131.1 MB — 1 year, 5 months ago	2
contentgrid/pathfinder 4cf047c8011280f5769ab318cc44e7a0534bd1d…	image amd64 linux 131.1 MB — 1 year, 5 months ago	0
contentgrid/pathfinder 649e793eb6a3392addbdee50b485911d979ed12…	image amd64 linux 131.1 MB — 1 year, 5 months ago	1
contentgrid/pathfinder 1a78cbd35bec6bc8d6aaf7aaaa5706d83104525…	image amd64 linux 131.1 MB — 1 year, 5 months ago	0
contentgrid/pathfinder 3c1e0136d4a906ea4a701f542418e787e2e5954…	image amd64 linux 131.1 MB — 1 year, 5 months ago	0
contentgrid/pathfinder 36c2e037c7869ec7eaa448787f8505f1dbe731c…	image amd64 linux 128.9 MB — 1 year, 5 months ago	0
contentgrid/pathfinder 593444d83b211b3d685a2423f28d8f98adcb337…	image amd64 linux 128.9 MB — 1 year, 5 months ago	0

Only packages within the same repository are displayed. The current package you're viewing is highlighted.

Last scanned

1 year, 5 months ago

Scan result

Vulnerable

Vulnerability count

Max. severity

Medium

Target:	. (ubuntu 18.04)
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: gcc-8-base Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: libgcc1 Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: libstdc++6 Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
LOW	CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. Package Name: coreutils Installed Version: 8.28-1ubuntu1 Fixed Version: References: seclists.org www.openwall.com www.openwall.com access.redhat.com cve.mitre.org lists.apache.org lore.kernel.org nvd.nist.gov
LOW	CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB. Package Name: gpgv Installed Version: 2.2.4-1ubuntu1.6 Fixed Version: References: access.redhat.com bugzilla.redhat.com cve.mitre.org dev.gnupg.org dev.gnupg.org marc.info
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. Package Name: libpcre3 Installed Version: 2:8.39-9ubuntu0.1 Fixed Version: References: openwall.com www.securityfocus.com access.redhat.com cve.mitre.org lists.apache.org
LOW	CVE-2023-26604: systemd: privilege escalation via the less pager systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Package Name: libsystemd0 Installed Version: 237-3ubuntu10.57 Fixed Version: References: access.redhat.com blog.compass-security.com cve.mitre.org github.com github.com medium.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2023-26604: systemd: privilege escalation via the less pager systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Package Name: libudev1 Installed Version: 237-3ubuntu10.57 Fixed Version: References: access.redhat.com blog.compass-security.com cve.mitre.org github.com github.com medium.com
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: locales Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: locales Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: locales Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Package Name: login Installed Version: 1:4.5-1ubuntu2.5 Fixed Version: References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Package Name: passwd Installed Version: 1:4.5-1ubuntu2.5 Fixed Version: References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com

These instructions assume you have setup the repository first (or read it).

To pull contentgrid/pathfinder @ reference/tag sha256:699af593bd855cc4acaff190fe962dd0f1dfeef25e9a6f81023839ac36ad1d74:

docker pull open-source.docker.xenit.eu/contentgrid/pathfinder@sha256:699af593bd855cc4acaff190fe962dd0f1dfeef25e9a6f81023839ac36ad1d74

You can also pull the latest version of this image (if it exists):

docker pull open-source.docker.xenit.eu/contentgrid/pathfinder:latest

To refer to this image after pulling in a Dockerfile, specify the following:

FROM open-source.docker.xenit.eu/contentgrid/pathfinder@sha256:699af593bd855cc4acaff190fe962dd0f1dfeef25e9a6f81023839ac36ad1d74

Still stuck? Need help? Don't panic. Just contact us for help (even if you're not a customer).

Previous Version: 0.0.1-SNAPSHOT

Next Version: 98a77e59a910d1f711c…

contentgrid/pathfinder 699af593bd855cc4acaff190fe9…

One-liner (summary)

Description

License

Size

Downloads

Tags

Last scanned

Scan result

Vulnerability count

Max. severity

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot

CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c

CVE-2023-26604: systemd: privilege escalation via the less pager

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2023-26604: systemd: privilege escalation via the less pager

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees