Cloudsmith - Repositories - Xenit Solutions (xenit) - open-source (open-source) - contentgrid/slingshot

Package Search Help

You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.

Search by package name:
my-package _(implicit)
name:my-package _(explicit)

Search by package filename:
my-package.ext _(implicit)
filename:my-package.ext _(explicit)

Search by package tag:
latest _(implicit)
tag:latest _(explicit)

Search by package version:
1.0.0 _(implicit)
version:1.0.0 _(explicit)
prerelease:true _{(prereleases)}
prerelease:false _{(no prereleases)}

Search by package architecture:
architecture:x86_64

Search by package distribution:
distribution:el

Search by package license:
license:MIT

Search by package format:
format:deb

Search by package status:
status:in_progress

Search by package file checksum:
checksum:5afba

Search by package security status:
severity:critical

Search by package vulnerabilities:
vulnerabilities:>1
vulnerabilities:<1000

Search by # of package downloads:
downloads:>8
downloads:<100

Search by package type:
type:binary
type:source

Search by package size (bytes):
size:>50000
size:<10000

Search by dependency name/version:
dependency:log4j
dependency:log4j=1.0.0
dependency:log4j>1.0.0

Search by uploaded date:
uploaded:>"1 day ago"
uploaded:<"August 14, 2022 EST"

Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY

Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true

Search by repository:
repository:repo-name

Search queries for all Debian-specific (and related) package types

Search by component:
deb_component:unstable

Search queries for all Maven-specific (and related) package types

Search by group ID:
maven_group_id:org.apache

Search queries for all Docker-specific (and related) package types

Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)

Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)

Field type modifiers (depending on the type, you can influence behaviour)

For all queries, you can use:
~foo for negation

For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching

For number/date or version queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal

Need a secure and centralised artifact repository to deliver Alpine, Cargo, CocoaPods, Composer, Conan, Conda, CRAN, Dart, Debian, Docker, Go, Helm, Hex, LuaRocks, Maven, npm, NuGet, P2, Python, RedHat, Ruby, Swift, Terraform, Vagrant, Raw & More packages?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial

Set Me Up

Open-Source — xenit (Xenit Solutions) / open-source — GitHub Project

A certifiably-awesome open-source package repository curated by Xenit Solutions, hosted by Cloudsmith.

Note: Packages in this repository are licensed as Apache License 2.0 (dependencies may be licensed differently).

contentgrid/slingshot 20584ada2563361bd7a1de266ab…

Download

One-liner (summary)

A certifiably-awesome package curated by github, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by github, hosted by Cloudsmith.

License

Unknown

Size

129.8 MB

Downloads

Tags

image amd64 linux

Status	Completed
GPG Signature	Download
Storage Region	Frankfurt, Germany
Type	Binary (contains binaries and binary artifacts)
Uploaded At	1 year, 6 months ago
Uploaded By
Slug Id	contentgridslingshot-Llx
Unique Id	4GO03lnfQMRh
Version (Raw)	20584ada2563361bd7a1de266abc7e68f770e3bd36186500b2abaaa82630c3b4
Version (Parsed)	Type: Unknown
	docker-specific metadata
Image Digest	sha256:20584ada2563361bd7a1de266abc7e68f770e3bd36186500b2abaaa82630c3b4
Config Digest	sha256:eaf7296dfbb65b4fa2a67815a19fe3d05b05dd3f0ed2bd04b0809010e3ea0a66
V1 OCI Index Digest	sha256:e2341edd44ec8fc36591250ea4c9c4bb0a5ee387361dca9e04ace5bbc4206904
V1 Distribution (Signed) Digest	sha256:6a403fa1bca66d05d9fedfd3f070d810e641a55edd1f0945c6881ec0b3fbb1af
V1 OCI Digest	sha256:70ded668d5d447ca1a80d4b3d7a693ce56eb169c15ec104336d65a7622a143ab
V2 Distribution List Digest	sha256:5fb56f59160d3824adcf2839d9754736ee52352c4b8f1f0fd59acad35e9413ac
V1 Distribution Digest	sha256:956ca912210b4fabcb91283a81e53f09807e4366000a9739c651d6d32194eefb
V2 Distribution Digest	sha256:20584ada2563361bd7a1de266abc7e68f770e3bd36186500b2abaaa82630c3b4
	extended metadata
Manifest Type	V2 Distribution
Architecture	amd64
Config	Entrypoint /cnb/process/web Env CNB_APP_DIR=/workspace \| CNB_DEPRECATION_MODE=quiet \| CNB_LAYERS_DIR=/layers \| CNB_PLATFORM_API=0.10 \| PATH=/cnb/process:/cnb/lifecycle:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin Labels 'org.springframework.boot.version' '3.0.4' Labels 'org.opencontainers.image.title' 'slingshot' Labels 'org.opencontainers.image.version' '0.0.1-SNAPSHOT' Labels 'io.buildpacks.build.metadata' '{"buildpacks":[{"id":"paketo-buildpacks/ca-certificates","version":"3.6.0","homepage":"https://github.com/paketo-buildpacks/ca-certificates"},{"id":"paketo-buildpacks/bellsoft-liberica","version":"9.11.0","homepage":"https://github.com/paketo-buildpacks/b' Labels 'io.buildpacks.lifecycle.metadata' '{"app":[{"sha":"sha256:4e6518b268881a79648e52e2b9cd4539ddbcd13c54d3f3fcb5b42f877b27a875"},{"sha":"sha256:0345504805f0312cf76cb4aab197e263a98d1fbec821459bfe0a1e072137f21c"},{"sha":"sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"},{' Labels 'io.buildpacks.project.metadata' '{}' Labels 'io.buildpacks.stack.description' 'ubuntu:bionic with some common dependencies like tzdata and openssl' Labels 'io.buildpacks.stack.distro.name' 'ubuntu' Labels 'io.buildpacks.stack.distro.version' '18.04' Labels 'io.buildpacks.stack.homepage' 'https://github.com/paketo-buildpacks/bionic-base-stack' Labels 'io.buildpacks.stack.id' 'io.buildpacks.stacks.bionic' Labels 'io.buildpacks.stack.maintainer' 'Paketo Buildpacks' Labels 'io.buildpacks.stack.metadata' '{}' Labels 'io.buildpacks.stack.mixins' '["libhogweed4","libunistring2","libgcrypt20","liblz4-1","perl-base","bzip2","findutils","hostname","libstdc++6","mount","libcap-ng0","libsepol1","libtinfo5","passwd","libbz2-1.0","libc-bin","libgcc1","ca-certificates","dash","init-system-helpers","libblki' Labels 'io.buildpacks.stack.released' '2023-03-08T04:01:07Z' Labels 'io.paketo.stack.packages' '[{"name":"adduser","version":"3.116ubuntu1","arch":"all","source":{"name":""},"summary":"add and remove users and groups"},{"name":"apt","version":"1.6.14","arch":"amd64","source":{"name":""},"summary":"commandline package manager"},{"name":"base-files","' Labels 'org.opencontainers.image.ref.name' 'ubuntu' User 1000:1000 Working Dir /workspace
Created	1980-01-01 00:00:01 UTC
Os	linux

This package was uploaded with the following V2 Distribution manifest:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 29994,
      "digest": "sha256:90c3680c487635878d1a6cfb02d7b358d21dea1eb9f10f4bcb4101f18ab39a0e"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 26711153,
         "digest": "sha256:0064b1b97ec0775813740e8cb92821a6d84fd38eee70bafba9c12d9c37534661"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 237,
         "digest": "sha256:e58a33339d53a41872412fa131919b7b4e8f780148054ba7afada1883bf29082"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 268,
         "digest": "sha256:b5fbcf898e36f9e6f87faa8439ffc9e8c58e4b3c8497d78b1437d20a7adcfcbf"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 8751965,
         "digest": "sha256:cc6e19af80cae5811e2265cd515856cedb27616dc853b4346f9a8bf92de201d6"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 458,
         "digest": "sha256:90e52a2df2e3f794fad532ced0809095da644a2718ab4d57528a63fd7fb5cf8c"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 765,
         "digest": "sha256:4325227e5c90f5c35ac14b0835bc3f19a49cfa75dcff7be76d31380530841cbb"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 404,
         "digest": "sha256:b458db1ccdc88737e39d504ebcd00ffb75c407f17873f0ef3ec30619c6013627"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1421897,
         "digest": "sha256:f11a03a9725e4f277e7a56e03a99f2017455612c568920c00aa88158386d6950"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1563411,
         "digest": "sha256:364399075890a13f02063dfbf2ecbf576d1be58e67e13084c99c5861f1b8642d"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 376,
         "digest": "sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 53561303,
         "digest": "sha256:c78b6f030ff867e1a40b3174e1232fb2581fe992c8260d1ab1717e818f31d15b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 273,
         "digest": "sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 734402,
         "digest": "sha256:46088954c5cc872ab3957c0ca9bebdd68bc97b3f20349fbc6101fa4cff3f2009"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 54041,
         "digest": "sha256:c3bb63ae433b788c45d616b3608a358ff9a30ca35c1e15c8cbd7465abaf93c42"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 260,
         "digest": "sha256:e2fea22f3a9e23981400ba7e992df5cdd3b0a9b7733fa4fb0d93fc40afadbd13"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 284433,
         "digest": "sha256:bdb9cc4f9c253a10b8ec6718eb7aacf2368035869239aaaab915e0d850d77821"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 41924981,
         "digest": "sha256:c5fe13efaa484f7837329c90b43c32312ff731b760ee1be468611f3c7606df86"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 82238,
         "digest": "sha256:7e3fb9fe2289fe6ed3c971a6ce676716192c6329f192ee638eb7294719a7ef27"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 22449,
         "digest": "sha256:1c1c526cf9eddf4a33bee608a4d5d5ae55491c583e138baa27bbb1d4e2c3cd44"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1021172,
         "digest": "sha256:3905ab58d7a2e590bb4e6fa9db85c17fdca677d9523370434e8621527e22586a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 613,
         "digest": "sha256:52c409c2ef4b5fe3730de835de18e7175ea3e205be44b65322756c0869ff32ae"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 198,
         "digest": "sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be"
      }
   ]
}

	Digest: sha256:0064b1b97ec0775813740e8cb92821a6d84fd38eee70bafba9c12d9c37534661 Command: /bin/sh NOP	25.5 MB
	Digest: sha256:e58a33339d53a41872412fa131919b7b4e8f780148054ba7afada1883bf29082 Command: /bin/sh NOP	237 bytes
	Digest: sha256:b5fbcf898e36f9e6f87faa8439ffc9e8c58e4b3c8497d78b1437d20a7adcfcbf Command: /bin/sh NOP	268 bytes
	Digest: sha256:cc6e19af80cae5811e2265cd515856cedb27616dc853b4346f9a8bf92de201d6 Command: /bin/sh NOP	8.3 MB
	Digest: sha256:90e52a2df2e3f794fad532ced0809095da644a2718ab4d57528a63fd7fb5cf8c Command: /bin/sh NOP	458 bytes
	Digest: sha256:4325227e5c90f5c35ac14b0835bc3f19a49cfa75dcff7be76d31380530841cbb Command: /bin/sh NOP	765 bytes
	Digest: sha256:b458db1ccdc88737e39d504ebcd00ffb75c407f17873f0ef3ec30619c6013627 Command: /bin/sh NOP	404 bytes
	Digest: sha256:f11a03a9725e4f277e7a56e03a99f2017455612c568920c00aa88158386d6950 Command: /bin/sh NOP	1.4 MB
	Digest: sha256:364399075890a13f02063dfbf2ecbf576d1be58e67e13084c99c5861f1b8642d Command: /bin/sh NOP	1.5 MB
	Digest: sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10 Command: /bin/sh NOP	376 bytes
	Digest: sha256:c78b6f030ff867e1a40b3174e1232fb2581fe992c8260d1ab1717e818f31d15b Command: /bin/sh NOP	51.1 MB
	Digest: sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31 Command: /bin/sh NOP	273 bytes
	Digest: sha256:46088954c5cc872ab3957c0ca9bebdd68bc97b3f20349fbc6101fa4cff3f2009 Command: /bin/sh NOP	717.2 KB
	Digest: sha256:c3bb63ae433b788c45d616b3608a358ff9a30ca35c1e15c8cbd7465abaf93c42 Command: /bin/sh NOP	52.8 KB
	Digest: sha256:e2fea22f3a9e23981400ba7e992df5cdd3b0a9b7733fa4fb0d93fc40afadbd13 Command: /bin/sh NOP	260 bytes
	Digest: sha256:bdb9cc4f9c253a10b8ec6718eb7aacf2368035869239aaaab915e0d850d77821 Command: /bin/sh NOP	277.8 KB
	Digest: sha256:c5fe13efaa484f7837329c90b43c32312ff731b760ee1be468611f3c7606df86 Command: /bin/sh NOP	40.0 MB
	Digest: sha256:7e3fb9fe2289fe6ed3c971a6ce676716192c6329f192ee638eb7294719a7ef27 Command: /bin/sh NOP	80.3 KB
	Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Command: /bin/sh NOP	32 bytes
	Digest: sha256:1c1c526cf9eddf4a33bee608a4d5d5ae55491c583e138baa27bbb1d4e2c3cd44 Command: /bin/sh NOP	21.9 KB
	Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Command: /bin/sh NOP	32 bytes
	Digest: sha256:3905ab58d7a2e590bb4e6fa9db85c17fdca677d9523370434e8621527e22586a Command: /bin/sh NOP	997.2 KB
	Digest: sha256:52c409c2ef4b5fe3730de835de18e7175ea3e205be44b65322756c0869ff32ae Command: /bin/sh NOP	613 bytes
	Digest: sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be Command: /bin/sh NOP	198 bytes

contentgrid/slingshot 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 130.7 MB — 1 year, 5 months ago	1
contentgrid/slingshot 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 130.7 MB — 1 year, 5 months ago	1
contentgrid/slingshot 7545adc65501602553c2ac294e033bd3a560634…	image amd64 linux 130.9 MB — 1 year, 6 months ago	2
contentgrid/slingshot 51d749f24f4ba23518366f7100f07b73bd2a144…	image amd64 linux 130.9 MB — 1 year, 6 months ago	1
contentgrid/slingshot 9561abcc4613b73066f86aad08f7b0678807299…	image amd64 linux 130.9 MB — 1 year, 6 months ago	0
contentgrid/slingshot 5ccf3289bc0d59071474a2e47da242d16e5b862…	image amd64 linux 129.8 MB — 1 year, 6 months ago	0
contentgrid/slingshot 51b30d328e24e7850e6db29e72224bb2d83c746…	image amd64 linux 128.5 MB — 1 year, 6 months ago	0
contentgrid/slingshot f8577b76cd3dc1882ebc88cb6ab3a6b10b5475e…	image amd64 linux 128.6 MB — 1 year, 6 months ago	3
contentgrid/slingshot 20584ada2563361bd7a1de266abc7e68f770e3b…	image amd64 linux 129.8 MB — 1 year, 6 months ago	0
contentgrid/slingshot 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 130.7 MB — 1 year, 5 months ago	1
contentgrid/slingshot 1044cc2316ba27beabb24cac6ddd630998f5e9f…	image amd64 linux 130.9 MB — 1 year, 6 months ago	1

Only packages within the same repository are displayed. The current package you're viewing is highlighted.

Last scanned

1 year, 6 months ago

Scan result

Vulnerable

Vulnerability count

Max. severity

Medium

Target:	. (ubuntu 18.04)
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: gcc-8-base Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: libgcc1 Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: libstdc++6 Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2022-3821: systemd: buffer overrun in format_timespan() function An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. Package Name: libsystemd0 Installed Version: 237-3ubuntu10.56 Fixed Version: 237-3ubuntu10.57 References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org nvd.nist.gov ubuntu.com
MEDIUM	CVE-2022-3821: systemd: buffer overrun in format_timespan() function An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. Package Name: libudev1 Installed Version: 237-3ubuntu10.56 Fixed Version: 237-3ubuntu10.57 References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org nvd.nist.gov ubuntu.com
LOW	CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. Package Name: coreutils Installed Version: 8.28-1ubuntu1 Fixed Version: References: seclists.org www.openwall.com www.openwall.com access.redhat.com cve.mitre.org lists.apache.org lore.kernel.org
LOW	CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB. Package Name: gpgv Installed Version: 2.2.4-1ubuntu1.6 Fixed Version: References: access.redhat.com bugzilla.redhat.com cve.mitre.org dev.gnupg.org dev.gnupg.org marc.info
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. Package Name: libpcre3 Installed Version: 2:8.39-9ubuntu0.1 Fixed Version: References: openwall.com www.securityfocus.com access.redhat.com cve.mitre.org lists.apache.org
LOW	CVE-2023-26604: systemd: privilege escalation via the less pager systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Package Name: libsystemd0 Installed Version: 237-3ubuntu10.56 Fixed Version: References: access.redhat.com blog.compass-security.com cve.mitre.org github.com github.com medium.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2023-26604: systemd: privilege escalation via the less pager systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. Package Name: libudev1 Installed Version: 237-3ubuntu10.56 Fixed Version: References: access.redhat.com blog.compass-security.com cve.mitre.org github.com github.com medium.com
LOW	CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Package Name: login Installed Version: 1:4.5-1ubuntu2.5 Fixed Version: References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Package Name: passwd Installed Version: 1:4.5-1ubuntu2.5 Fixed Version: References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com

These instructions assume you have setup the repository first (or read it).

To pull contentgrid/slingshot @ reference/tag sha256:20584ada2563361bd7a1de266abc7e68f770e3bd36186500b2abaaa82630c3b4:

docker pull open-source.docker.xenit.eu/contentgrid/slingshot@sha256:20584ada2563361bd7a1de266abc7e68f770e3bd36186500b2abaaa82630c3b4

You can also pull the latest version of this image (if it exists):

docker pull open-source.docker.xenit.eu/contentgrid/slingshot:latest

To refer to this image after pulling in a Dockerfile, specify the following:

FROM open-source.docker.xenit.eu/contentgrid/slingshot@sha256:20584ada2563361bd7a1de266abc7e68f770e3bd36186500b2abaaa82630c3b4

Still stuck? Need help? Don't panic. Just contact us for help (even if you're not a customer).

Previous Version: 0.0.1-SNAPSHOT

Next Version: f8577b76cd3dc1882eb…

contentgrid/slingshot 20584ada2563361bd7a1de266ab…

One-liner (summary)

Description

License

Size

Downloads

Tags

Last scanned

Scan result

Vulnerability count

Max. severity

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2022-3821: systemd: buffer overrun in format_timespan() function

CVE-2022-3821: systemd: buffer overrun in format_timespan() function

CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot

CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c

CVE-2023-26604: systemd: privilege escalation via the less pager

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2023-26604: systemd: privilege escalation via the less pager

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees