Cloudsmith - Repositories - Xenit Solutions (xenit) - open-source (open-source) - contentgrid/solon

Package Search Help

You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.

Search by package name:
my-package _(implicit)
name:my-package _(explicit)

Search by package filename:
my-package.ext _(implicit)
filename:my-package.ext _(explicit)

Search by package tag:
latest _(implicit)
tag:latest _(explicit)

Search by package version:
1.0.0 _(implicit)
version:1.0.0 _(explicit)
prerelease:true _{(prereleases)}
prerelease:false _{(no prereleases)}

Search by package architecture:
architecture:x86_64

Search by package distribution:
distribution:el

Search by package license:
license:MIT

Search by package format:
format:deb

Search by package status:
status:in_progress

Search by package file checksum:
checksum:5afba

Search by package security status:
severity:critical

Search by package vulnerabilities:
vulnerabilities:>1
vulnerabilities:<1000

Search by # of package downloads:
downloads:>8
downloads:<100

Search by package type:
type:binary
type:source

Search by package size (bytes):
size:>50000
size:<10000

Search by dependency name/version:
dependency:log4j
dependency:log4j=1.0.0
dependency:log4j>1.0.0

Search by uploaded date:
uploaded:>"1 day ago"
uploaded:<"August 14, 2022 EST"

Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY

Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true

Search by repository:
repository:repo-name

Search queries for all Debian-specific (and related) package types

Search by component:
deb_component:unstable

Search queries for all Maven-specific (and related) package types

Search by group ID:
maven_group_id:org.apache

Search queries for all Docker-specific (and related) package types

Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)

Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)

Field type modifiers (depending on the type, you can influence behaviour)

For all queries, you can use:
~foo for negation

For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching

For number/date or version queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal

Need a secure and centralised artifact repository to deliver Alpine, Cargo, CocoaPods, Composer, Conan, Conda, CRAN, Dart, Debian, Docker, Go, Helm, Hex, LuaRocks, Maven, npm, NuGet, P2, Python, RedHat, Ruby, Swift, Terraform, Vagrant, Raw & More packages?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial

Set Me Up

Open-Source — xenit (Xenit Solutions) / open-source — GitHub Project

A certifiably-awesome open-source package repository curated by Xenit Solutions, hosted by Cloudsmith.

Note: Packages in this repository are licensed as Apache License 2.0 (dependencies may be licensed differently).

contentgrid/solon 094dafd8fd222f75e0168887223…

Download

One-liner (summary)

A certifiably-awesome package curated by github, hosted by Cloudsmith.

Description

A certifiably-awesome package curated by github, hosted by Cloudsmith.

License

Unknown

Size

129.6 MB

Downloads

Tags

image amd64 linux

Status	Completed
GPG Signature	Download
Storage Region	Frankfurt, Germany
Type	Binary (contains binaries and binary artifacts)
Uploaded At	1 year, 6 months ago
Uploaded By
Slug Id	contentgridsolon-mWz
Unique Id	5vhHADU7s9YQ
Version (Raw)	094dafd8fd222f75e01688872239c83473df17a7a923303f0d34e69e6d3f63bb
Version (Parsed)	Type: Unknown
	docker-specific metadata
Image Digest	sha256:094dafd8fd222f75e01688872239c83473df17a7a923303f0d34e69e6d3f63bb
Config Digest	sha256:763b1fd68e54e440a4c18109f3fa0143cf634643c62aaae96fb9b195f50c7ef5
V1 OCI Index Digest	sha256:32c9719330fa1d0f0000f53135672245483d4624f888075efbcaf30ceab4b812
V1 Distribution (Signed) Digest	sha256:c4108f9787547d3c1a7097d75ef055c4fdf5664a2f2b0d94bd118004f1ae6011
V1 OCI Digest	sha256:0975ebe813bd151d32516fd12f4165b05a743863a12a48aa221a4851dc7ae3b1
V2 Distribution List Digest	sha256:a4901e1ff256537f814ad112898db9ad33da00bffb98e1d0ce8d60ed7ac49f1a
V1 Distribution Digest	sha256:3231a5f1c0d571527ed36cd93e96d1d5d9d70fd3a412df41c3d521699727001d
V2 Distribution Digest	sha256:094dafd8fd222f75e01688872239c83473df17a7a923303f0d34e69e6d3f63bb
	extended metadata
Manifest Type	V2 Distribution
Architecture	amd64
Config	Entrypoint /cnb/process/web Env CNB_APP_DIR=/workspace \| CNB_DEPRECATION_MODE=quiet \| CNB_LAYERS_DIR=/layers \| CNB_PLATFORM_API=0.10 \| PATH=/cnb/process:/cnb/lifecycle:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin Labels 'org.springframework.boot.version' '3.0.3' Labels 'org.opencontainers.image.title' 'contentgrid-solon' Labels 'org.opencontainers.image.version' '0.0.1-SNAPSHOT' Labels 'io.buildpacks.build.metadata' '{"buildpacks":[{"id":"paketo-buildpacks/ca-certificates","version":"3.5.1","homepage":"https://github.com/paketo-buildpacks/ca-certificates"},{"id":"paketo-buildpacks/bellsoft-liberica","version":"9.10.3","homepage":"https://github.com/paketo-buildpacks/b' Labels 'io.buildpacks.lifecycle.metadata' '{"app":[{"sha":"sha256:df0ab51c49e67ddd52ba14832c02ce8c151b668c834c309c8066d6758dd614da"},{"sha":"sha256:0345504805f0312cf76cb4aab197e263a98d1fbec821459bfe0a1e072137f21c"},{"sha":"sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"},{' Labels 'io.buildpacks.project.metadata' '{}' Labels 'io.buildpacks.stack.description' 'ubuntu:bionic with some common dependencies like tzdata and openssl' Labels 'io.buildpacks.stack.distro.name' 'ubuntu' Labels 'io.buildpacks.stack.distro.version' '18.04' Labels 'io.buildpacks.stack.homepage' 'https://github.com/paketo-buildpacks/bionic-base-stack' Labels 'io.buildpacks.stack.id' 'io.buildpacks.stacks.bionic' Labels 'io.buildpacks.stack.maintainer' 'Paketo Buildpacks' Labels 'io.buildpacks.stack.metadata' '{}' Labels 'io.buildpacks.stack.mixins' '["netbase","libattr1","libexpat1","libhogweed4","libpam-modules-bin","libprocps6","libc-bin","libfdisk1","libsmartcols1","apt","base-passwd","perl-base","libacl1","libdebconfclient0","tzdata","libsemanage1","libyaml-0-2","libtinfo5","libselinux1","dash","' Labels 'io.buildpacks.stack.released' '2023-02-14T19:40:08Z' Labels 'io.paketo.stack.packages' '[{"name":"adduser","version":"3.116ubuntu1","arch":"all","source":{"name":""},"summary":"add and remove users and groups"},{"name":"apt","version":"1.6.14","arch":"amd64","source":{"name":""},"summary":"commandline package manager"},{"name":"base-files","' Labels 'org.opencontainers.image.ref.name' 'ubuntu' User 1000:1000 Working Dir /workspace
Created	1980-01-01 00:00:01 UTC
Os	linux

This package was uploaded with the following V2 Distribution manifest:

{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
   "config": {
      "mediaType": "application/vnd.docker.container.image.v1+json",
      "size": 30002,
      "digest": "sha256:d2156e20c03819800e802f91c969a9fd4058648863625bf411b5b906ceb87aa9"
   },
   "layers": [
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 26711594,
         "digest": "sha256:456d651ccb276bafe702e453add4a4f15b511fd3234cb7db898c22540ad3c8c1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 237,
         "digest": "sha256:b56a40e684784b9f2c3ec8a1e6b233f6565c6aa5567ab9d50e6b1ba37f997f46"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 269,
         "digest": "sha256:e0a4d003667c3c12d7faab7a47c085218e8a3165fc73837b77a89f6187f46efc"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 8813634,
         "digest": "sha256:bf658c6af3e980d7752704684386a83c6be2ad1e524e57819cd06bbb3f3c207c"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 458,
         "digest": "sha256:7fcace1ba36552962e9e9f69640b9658c32720601773254747d9966bf190fad4"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 765,
         "digest": "sha256:413701529c5e320d179b7a0c6a16628a86683c0f834901b9504c3198b512b74b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 404,
         "digest": "sha256:93b4dc2235ccb8cc4441da4f036ca0d3c7d09ce09d60bc99c1b3d8903d14ba03"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1421491,
         "digest": "sha256:0d8c6a34061683ca800c28a825174fd07e0334e4880e98d5c48bf0ab1389a78a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1563419,
         "digest": "sha256:4d1f7adfce7458e85e63983649217016a5baf42aca91615ea68a6523d5895d3b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 376,
         "digest": "sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 53561303,
         "digest": "sha256:c78b6f030ff867e1a40b3174e1232fb2581fe992c8260d1ab1717e818f31d15b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 273,
         "digest": "sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 734400,
         "digest": "sha256:9a732b858e23616aee8a480d76d125dff7c03a92f3e424ec02437b4d6816998b"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 54041,
         "digest": "sha256:c3bb63ae433b788c45d616b3608a358ff9a30ca35c1e15c8cbd7465abaf93c42"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 260,
         "digest": "sha256:e2fea22f3a9e23981400ba7e992df5cdd3b0a9b7733fa4fb0d93fc40afadbd13"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 57736,
         "digest": "sha256:cf0650d48ef4a51118c53bf86f73839d266131bdbbfe30a88c7978e648a8ee20"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 41824642,
         "digest": "sha256:bafcdc7abd9239e72ea70656d36acc997d642d3c786f394f7f4765c5897d8fc2"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 82238,
         "digest": "sha256:7e3fb9fe2289fe6ed3c971a6ce676716192c6329f192ee638eb7294719a7ef27"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 16725,
         "digest": "sha256:69128aaa9b5a0d0277532245398776145133b662b1c1a3722339baea6200deb3"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 32,
         "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 1021172,
         "digest": "sha256:3905ab58d7a2e590bb4e6fa9db85c17fdca677d9523370434e8621527e22586a"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 624,
         "digest": "sha256:eb3d73767734711f2f971e6da657c50ef4bdbe09148f874582ad24ee42fedfeb"
      },
      {
         "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
         "size": 198,
         "digest": "sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be"
      }
   ]
}

	Digest: sha256:456d651ccb276bafe702e453add4a4f15b511fd3234cb7db898c22540ad3c8c1 Command: /bin/sh NOP	25.5 MB
	Digest: sha256:b56a40e684784b9f2c3ec8a1e6b233f6565c6aa5567ab9d50e6b1ba37f997f46 Command: /bin/sh NOP	237 bytes
	Digest: sha256:e0a4d003667c3c12d7faab7a47c085218e8a3165fc73837b77a89f6187f46efc Command: /bin/sh NOP	269 bytes
	Digest: sha256:bf658c6af3e980d7752704684386a83c6be2ad1e524e57819cd06bbb3f3c207c Command: /bin/sh NOP	8.4 MB
	Digest: sha256:7fcace1ba36552962e9e9f69640b9658c32720601773254747d9966bf190fad4 Command: /bin/sh NOP	458 bytes
	Digest: sha256:413701529c5e320d179b7a0c6a16628a86683c0f834901b9504c3198b512b74b Command: /bin/sh NOP	765 bytes
	Digest: sha256:93b4dc2235ccb8cc4441da4f036ca0d3c7d09ce09d60bc99c1b3d8903d14ba03 Command: /bin/sh NOP	404 bytes
	Digest: sha256:0d8c6a34061683ca800c28a825174fd07e0334e4880e98d5c48bf0ab1389a78a Command: /bin/sh NOP	1.4 MB
	Digest: sha256:4d1f7adfce7458e85e63983649217016a5baf42aca91615ea68a6523d5895d3b Command: /bin/sh NOP	1.5 MB
	Digest: sha256:5c96df4fa74419241e670f997779d09d61ea9e9a79d6450bf6369070d8025b10 Command: /bin/sh NOP	376 bytes
	Digest: sha256:c78b6f030ff867e1a40b3174e1232fb2581fe992c8260d1ab1717e818f31d15b Command: /bin/sh NOP	51.1 MB
	Digest: sha256:9ad49796e8f672ade2af8037e0414d838adef5393d21a72ebb3af34a88a08c31 Command: /bin/sh NOP	273 bytes
	Digest: sha256:9a732b858e23616aee8a480d76d125dff7c03a92f3e424ec02437b4d6816998b Command: /bin/sh NOP	717.2 KB
	Digest: sha256:c3bb63ae433b788c45d616b3608a358ff9a30ca35c1e15c8cbd7465abaf93c42 Command: /bin/sh NOP	52.8 KB
	Digest: sha256:e2fea22f3a9e23981400ba7e992df5cdd3b0a9b7733fa4fb0d93fc40afadbd13 Command: /bin/sh NOP	260 bytes
	Digest: sha256:cf0650d48ef4a51118c53bf86f73839d266131bdbbfe30a88c7978e648a8ee20 Command: /bin/sh NOP	56.4 KB
	Digest: sha256:bafcdc7abd9239e72ea70656d36acc997d642d3c786f394f7f4765c5897d8fc2 Command: /bin/sh NOP	39.9 MB
	Digest: sha256:7e3fb9fe2289fe6ed3c971a6ce676716192c6329f192ee638eb7294719a7ef27 Command: /bin/sh NOP	80.3 KB
	Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Command: /bin/sh NOP	32 bytes
	Digest: sha256:69128aaa9b5a0d0277532245398776145133b662b1c1a3722339baea6200deb3 Command: /bin/sh NOP	16.3 KB
	Digest: sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 Command: /bin/sh NOP	32 bytes
	Digest: sha256:3905ab58d7a2e590bb4e6fa9db85c17fdca677d9523370434e8621527e22586a Command: /bin/sh NOP	997.2 KB
	Digest: sha256:eb3d73767734711f2f971e6da657c50ef4bdbe09148f874582ad24ee42fedfeb Command: /bin/sh NOP	624 bytes
	Digest: sha256:3a4cb709502c02c84a45e39cabd30b603b73e8e6428ab1b92d49d401da8e71be Command: /bin/sh NOP	198 bytes

contentgrid/solon 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 133.0 MB — 1 year, 6 months ago	2
contentgrid/solon 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 133.0 MB — 1 year, 6 months ago	2
contentgrid/solon ff5ad36d9338423a253b4092261e4177d92905f…	image amd64 linux 133.2 MB — 1 year, 6 months ago	1
contentgrid/solon bc95406be8ef99beb5b012ac40731c05a37d3c0…	image amd64 linux 133.2 MB — 1 year, 6 months ago	0
contentgrid/solon ba3f554e74389d93473c23f040fdee05fae1278…	image amd64 linux 128.5 MB — 1 year, 9 months ago	6
contentgrid/solon a31cf8818c175ddcfb010678cf285eeb93aba8c…	image amd64 linux 128.5 MB — 1 year, 9 months ago	3
contentgrid/solon 810af5802e7d3b63c416c40e8e9706a73238e95…	image amd64 linux 128.5 MB — 1 year, 9 months ago	1
contentgrid/solon 749d850c19cc28b22adc166866c04e76a556809…	image amd64 linux 128.5 MB — 1 year, 9 months ago	1
contentgrid/solon a59c20429237711ce1c64966cb12d0c88315c21…	image amd64 linux 128.5 MB — 1 year, 10 months ago	1
contentgrid/solon 0b32a96d706fd186e782b8da4249501e64fbc09…	image amd64 linux 128.5 MB — 1 year, 10 months ago	0
contentgrid/solon 094dafd8fd222f75e01688872239c83473df17a…	image amd64 linux 129.6 MB — 1 year, 6 months ago	2
contentgrid/solon 0.0.1-SNAPSHOT	image amd64 linux SNAPSHOT 133.0 MB — 1 year, 6 months ago	2

Only packages within the same repository are displayed. The current package you're viewing is highlighted.

Last scanned

1 year, 6 months ago

Scan result

Vulnerable

Vulnerability count

Max. severity

Medium

Target:	. (ubuntu 18.04)
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: gcc-8-base Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: libgcc1 Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2020-13844: kernel: ARM straight-line speculation vulnerability Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." Package Name: libstdc++6 Installed Version: 8.4.0-1ubuntu1~18.04 Fixed Version: References: lists.llvm.org lists.opensuse.org lists.opensuse.org access.redhat.com cve.mitre.org developer.arm.com developer.arm.com developer.arm.com gcc.gnu.org git.kernel.org
MEDIUM	CVE-2022-3821: systemd: buffer overrun in format_timespan() function An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. Package Name: libsystemd0 Installed Version: 237-3ubuntu10.56 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org nvd.nist.gov
MEDIUM	CVE-2022-3821: systemd: buffer overrun in format_timespan() function An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. Package Name: libudev1 Installed Version: 237-3ubuntu10.56 Fixed Version: References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com lists.fedoraproject.org nvd.nist.gov
LOW	CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. Package Name: coreutils Installed Version: 8.28-1ubuntu1 Fixed Version: References: seclists.org www.openwall.com www.openwall.com access.redhat.com cve.mitre.org lists.apache.org lore.kernel.org
LOW	CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB. Package Name: gpgv Installed Version: 2.2.4-1ubuntu1.6 Fixed Version: References: access.redhat.com bugzilla.redhat.com cve.mitre.org dev.gnupg.org dev.gnupg.org marc.info
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: libc-bin Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: libc6 Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libncurses5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libncursesw5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression. Package Name: libpcre3 Installed Version: 2:8.39-9ubuntu0.1 Fixed Version: References: openwall.com www.securityfocus.com access.redhat.com cve.mitre.org lists.apache.org
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: libtinfo5 Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. Package Name: locales Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: git.savannah.gnu.org access.redhat.com cve.mitre.org debbugs.gnu.org debbugs.gnu.org debbugs.gnu.org lists.apache.org lists.apache.org security.netapp.com sourceware.org sourceware.org sourceware.org support.f5.com support.f5.com ubuntu.com
LOW	CVE-2015-8985: glibc: potential denial of service in pop_fail_stack() The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing. Package Name: locales Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: www.openwall.com www.securityfocus.com access.redhat.com bugs.debian.org cve.mitre.org security.gentoo.org sourceware.org
LOW	CVE-2016-20013 sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. Package Name: locales Installed Version: 2.27-3ubuntu1.6 Fixed Version: References: akkadia.org cve.mitre.org pthree.org twitter.com
LOW	CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Package Name: login Installed Version: 1:4.5-1ubuntu2.5 Fixed Version: References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: ncurses-base Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: lists.opensuse.org lists.opensuse.org access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.gnu.org lists.gnu.org security.gentoo.org ubuntu.com
LOW	CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: cvsweb.netbsd.org seclists.org seclists.org seclists.org seclists.org access.redhat.com cve.mitre.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com support.apple.com support.apple.com ubuntu.com
LOW	CVE-2022-29458: ncurses: segfaulting OOB read ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Package Name: ncurses-bin Installed Version: 6.1-1ubuntu1.18.04 Fixed Version: References: seclists.org access.redhat.com cve.mitre.org invisible-island.net lists.debian.org lists.gnu.org lists.gnu.org nvd.nist.gov support.apple.com ubuntu.com
LOW	CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Package Name: passwd Installed Version: 1:4.5-1ubuntu2.5 Fixed Version: References: access.redhat.com access.redhat.com bugs.launchpad.net bugzilla.redhat.com cve.mitre.org github.com github.com lists.apache.org security-tracker.debian.org security.gentoo.org ubuntu.com ubuntu.com
Target:	layers/paketo-buildpacks_bellsoft-liberica/helper/helper
LOW	CVE-2022-41723: [http2/hpack: avoid quadratic complexity in hpack decoding] A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. Package Name: golang.org/x/net Installed Version: v0.5.0 Fixed Version: 0.7.0 References: github.com go.dev go.dev go.dev groups.google.com nvd.nist.gov pkg.go.dev vuln.go.dev

These instructions assume you have setup the repository first (or read it).

To pull contentgrid/solon @ reference/tag sha256:094dafd8fd222f75e01688872239c83473df17a7a923303f0d34e69e6d3f63bb:

docker pull open-source.docker.xenit.eu/contentgrid/solon@sha256:094dafd8fd222f75e01688872239c83473df17a7a923303f0d34e69e6d3f63bb

You can also pull the latest version of this image (if it exists):

docker pull open-source.docker.xenit.eu/contentgrid/solon:latest

To refer to this image after pulling in a Dockerfile, specify the following:

FROM open-source.docker.xenit.eu/contentgrid/solon@sha256:094dafd8fd222f75e01688872239c83473df17a7a923303f0d34e69e6d3f63bb

Still stuck? Need help? Don't panic. Just contact us for help (even if you're not a customer).

Previous Version: 0.0.1-SNAPSHOT

Next Version: 0b32a96d706fd186e78…

contentgrid/solon 094dafd8fd222f75e0168887223…

One-liner (summary)

Description

License

Size

Downloads

Tags

Last scanned

Scan result

Vulnerability count

Max. severity

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2020-13844: kernel: ARM straight-line speculation vulnerability

CVE-2022-3821: systemd: buffer overrun in format_timespan() function

CVE-2022-3821: systemd: buffer overrun in format_timespan() function

CVE-2016-2781: coreutils: Non-privileged session can escape to the parent session in chroot

CVE-2022-3219: gnupg: denial of service issue (resource consumption) using compressed packets

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2017-11164: pcre: OP_KETRMAX feature in the match function in pcre_exec.c

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2009-5155: glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result

CVE-2015-8985: glibc: potential denial of service in pop_fail_stack()

CVE-2016-20013

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2019-17594: ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c

CVE-2019-17595: ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c

CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo() in captoinfo.c

CVE-2022-29458: ncurses: segfaulting OOB read

CVE-2013-4235: shadow-utils: TOCTOU race conditions by copying and removing directory trees

CVE-2022-41723: [http2/hpack: avoid quadratic complexity in hpack decoding]