You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.
Search by package name:
my-package (implicit)
name:my-package (explicit)
Search by package filename:
my-package.ext (implicit)
filename:my-package.ext (explicit)
Search by package tag:
latest (implicit)
tag:latest (explicit)
Search by package version:
1.0.0 (implicit)
version:1.0.0 (explicit)
prerelease:true (prereleases)
prerelease:false (no prereleases)
Search by package architecture:
architecture:x86_64
Search by package distribution:
distribution:el
Search by package license:
license:MIT
Search by package format:
format:deb
Search by package status:
status:in_progress
Search by package file checksum:
checksum:5afba
Search by package security status:
severity:critical
Search by package vulnerabilities:
vulnerabilities:>1
vulnerabilities:<1000
Search by # of package downloads:
downloads:>8
downloads:<100
Search by package type:
type:binary
type:source
Search by package size (bytes):
size:>50000
size:<10000
Search by dependency name/version:
dependency:log4j
dependency:log4j=1.0.0
dependency:log4j>1.0.0
Search by uploaded date:
uploaded:>"1 day ago"
uploaded:<"August 14, 2022 EST"
Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY
Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true
Search by repository:
repository:repo-name
Search queries for all Debian-specific (and related) package types
Search by component:
deb_component:unstable
Search queries for all Maven-specific (and related) package types
Search by group ID:
maven_group_id:org.apache
Search queries for all Docker-specific (and related) package types
Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)
Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)
Field type modifiers (depending on the type, you can influence behaviour)
For all queries, you can use:
~foo for negation
For string queries, you can use:
^foo to anchor to start of term
foo$ to anchor to end of term
foo*bar for fuzzy matching
For number/date or version queries, you can use:
>foo for values greater than
>=foo for values greater / equal
<foo for values less than
<=foo for values less / equal
Need a secure and centralised artifact repository to deliver Alpine,
Cargo,
CocoaPods,
Composer,
Conan,
Conda,
CRAN,
Dart,
Debian,
Docker,
Go,
Helm,
Hex,
LuaRocks,
Maven,
npm,
NuGet,
P2,
Python,
RedHat,
Ruby,
Swift,
Terraform,
Vagrant,
Raw & More packages?
Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.
With support for all major package formats, you can trust us to manage your software supply chain.
Helm
xenit
(Xenit Solutions)
/
open-source
—
GitHub Project
oracle-python
1411216b8dc290c861ef96c8eeb…
One-liner (summary)
Description
| Status | Completed |
|---|---|
| Checksum (MD5) | e62fd9a8fd481461d58756b5cd82ca53 |
| Checksum (SHA-1) | 20ceb5e3c966ebc84ad6645124d1a544be0bd98d |
| Checksum (SHA-256) | 1411216b8dc290c861ef96c8eeb06d6d2ed7e042c1e95311a3549634c459c800 |
| Checksum (SHA-512) | 1359455c30b06626627535aa091eaacdc84b9758fcd4bc61d0ba7dc58a3e0c93e2… |
| GPG Signature | |
| GPG Fingerprint | 14470fdf36fd6dc2f943a5fad23c41a52ddef4fa |
| Storage Region | Frankfurt, Germany |
| Type | Binary (contains binaries and binary artifacts) |
| Uploaded At | 1 month, 3 weeks ago |
| Uploaded By |
|
| Slug Id | oracle-python-wxmc |
| Unique Id | MGYuMwXncGgj |
| Version (Raw) | 1411216b8dc290c861ef96c8eeb06d6d2ed7e042c1e95311a3549634c459c800 |
| Version (Parsed) |
|
| docker-specific metadata | |
| Image Digest | sha256:1411216b8dc290c861ef96c8eeb06d6d2ed7e042c1e95311a3549634c459c800 |
| Config Digest | sha256:b104138492a9f22947cfeab9482b1610e7f86f79a9537d42545e49c572cbbdb6 |
| V1 OCI Index Digest | sha256:a4f27a8db1b1e7278bf09361a9d92ed48552a6ca153d3a4641e99909ef5cd90d |
| V1 Distribution (Signed) Digest | sha256:beb2323cac5f6a9e6e2fea2e4e62cbc87b438d888c4640d61b7b068999bacb2f |
| V1 OCI Digest | sha256:6adc080094b370d4d5242f6a12dfb6dede2f5cacdc266419e82a79f9f4b4a20c |
| V2 Distribution List Digest | sha256:98d6dc31f80f32a93b10a5c10857142f375aaadfd9deec7728c80b49250ffa20 |
| V1 Distribution Digest | sha256:7b2902c990efef6f049065a826a9322ccfc317e437cd2167e7ca9406ac1d2b7f |
| V2 Distribution Digest | sha256:1411216b8dc290c861ef96c8eeb06d6d2ed7e042c1e95311a3549634c459c800 |
| extended metadata | |
| Manifest Type | V2 Distribution |
| Architecture | amd64 |
| Config | |
| Container | 0ad1f8e9bf3aef04c1515326f1fdd059a490426e927e40259c20f624c983409b |
| Container Config | |
| Created | 2024-09-11 16:10:01 UTC |
| Docker Version | 26.1.3 |
| Os | linux |
This package was uploaded with the following V2 Distribution manifest:
{
"schemaVersion": 2,
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"config": {
"mediaType": "application/vnd.docker.container.image.v1+json",
"size": 4480,
"digest": "sha256:bda0c7567b30b16e0249003146830cda99fa0c2598dfe66c7d7374c5b8d61577"
},
"layers": [
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": 100715124,
"digest": "sha256:adaa90b6e671c8dbb4f88a663eaaed9a3ddd87cbc357d4e20b81dbd79ad86375"
},
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": 87337795,
"digest": "sha256:549f5fee1e60d8da1d45060a8d79dac3230541bb47fc56c3ccda0d872b99c37b"
},
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": 453281894,
"digest": "sha256:cc41f8843627d9f2cb87a047dc724d40c4c2e3e3aeb6fbd6732b3507a629e4d5"
},
{
"mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip",
"size": 19583057,
"digest": "sha256:f181b0cb9087670384586765b9a9f0dd6c232ed3cf5b5b32ae5bd9ac9efd3043"
}
]
}|
Digest:
sha256:adaa90b6e671c8dbb4f88a663eaaed9a3ddd87cbc357d4e20b81dbd79ad86375
Command: /bin/sh -c #(nop) ADD file:0a3a9e560f49471ac4b4a04d79e5a1656dcd3d69171fba02bbe289545bb48815 in / |
96.0 MB | ||
|
Digest:
sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) CMD ["/bin/bash"] |
32 bytes | ||
|
Digest:
sha256:549f5fee1e60d8da1d45060a8d79dac3230541bb47fc56c3ccda0d872b99c37b
Command: RUN /bin/sh -c dnf -y install oracle-instantclient-release-el8 && dnf -y install oracle-instantclient-basic oracle-instantclient-devel oracle-instantclient-sqlplus && rm -rf /var/cache/dnf # buildkit |
83.3 MB | ||
|
Digest:
sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: CMD ["sqlplus" "-v"] |
32 bytes | ||
|
Digest:
sha256:cc41f8843627d9f2cb87a047dc724d40c4c2e3e3aeb6fbd6732b3507a629e4d5
Command: /bin/sh -c yum install -y oracle-epel-release-el8 && yum install -y python3.11 python3.11-devel python3.11-pip gcc-c++ |
432.3 MB | ||
|
Digest:
sha256:f181b0cb9087670384586765b9a9f0dd6c232ed3cf5b5b32ae5bd9ac9efd3043
Command: /bin/sh -c pip3.11 install cx_Oracle requests sqlalchemy records==0.6.0 && yum remove -y gcc-c++ && rm -rf /root/.cache /usr/lib/python3*/__pycache && rm -rf /var/cache/yum |
18.7 MB | ||
|
Digest:
sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL eu.xenit.gradle.docker.git.branch=main |
32 bytes | ||
|
Digest:
sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL eu.xenit.gradle.docker.git.commit.author=Wim Fabri <wim.fabri@xenit.eu> |
32 bytes | ||
|
Digest:
sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL eu.xenit.gradle.docker.git.commit.id=a35af8771921ac92169f9c267b0b09a3b0c8615a |
32 bytes | ||
|
Digest:
sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL eu.xenit.gradle.docker.git.commit.url=https://github.com/xenit-eu/oracle-python/commit/a35af8771921ac92169f9c267b0b09a3b0c8615a |
32 bytes | ||
|
Digest:
sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4
Command: /bin/sh -c #(nop) LABEL eu.xenit.gradle.docker.git.origin=https://github.com/xenit-eu/oracle-python |
32 bytes |
|
|
oracle-python |
114 |
|
||
|
|
oracle-python |
3 |
|
||
|
|
oracle-python |
66 |
|
||
|
|
oracle-python |
16 |
|
||
|
|
oracle-python |
12 |
|
Last scanned
1 month, 3 weeks ago
Scan result
Vulnerable
Vulnerability count
16
Max. severity
High| Target: | . (oracle 8.10) | |
| HIGH |
CVE-2024-1737: bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same namResolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.Package Name: bind-export-libs Installed Version: 32:9.11.36-14.el8_10 Fixed Version: 32:9.11.36-16.el8_10.2 References: www.openwall.com www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org kb.isc.org kb.isc.org linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com ubuntu.com www.cve.org |
|
| HIGH |
CVE-2024-1975: bind9: bind: SIG(0) can be used to exhaust CPU resourcesIf a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.Package Name: bind-export-libs Installed Version: 32:9.11.36-14.el8_10 Fixed Version: 32:9.11.36-16.el8_10.2 References: www.openwall.com www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org kb.isc.org linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com ubuntu.com ubuntu.com www.cve.org |
|
| HIGH |
CVE-2021-40528: libgcrypt: ElGamal implementation allows plaintext recoveryThe ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's public key, and the sender's ephemeral exponents can lead to a cross-configuration attack against OpenPGP.Package Name: libgcrypt Installed Version: 1.8.5-7.el8_6 Fixed Version: 10:1.8.5-7.el8_6_fips References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org dev.gnupg.org eprint.iacr.org errata.almalinux.org errata.rockylinux.org git.gnupg.org ibm.github.io ibm.github.io linux.oracle.com linux.oracle.com nvd.nist.gov security.gentoo.org ubuntu.com ubuntu.com www.cve.org |
|
| MEDIUM |
CVE-2024-2398: curl: HTTP/2 push headers memory-leakWhen an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.Package Name: curl Installed Version: 7.61.1-34.el8 Fixed Version: 7.61.1-34.el8_10.2 References: seclists.org seclists.org seclists.org www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com curl.se curl.se errata.almalinux.org hackerone.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com support.apple.com support.apple.com support.apple.com ubuntu.com ubuntu.com ubuntu.com www.cve.org |
|
| MEDIUM |
CVE-2021-20231: gnutls: Use after free in client key_share extensionA flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.Package Name: gnutls Installed Version: 3.6.16-8.el8_9.3 Fixed Version: 10:3.6.16-4.0.1.el8_fips References: access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org gitlab.com linux.oracle.com linux.oracle.com lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.fedoraproject.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org www.gnutls.org |
|
| MEDIUM |
CVE-2021-20232: gnutls: Use after free in client_send_params in lib/ext/pre_shared_key.cA flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.Package Name: gnutls Installed Version: 3.6.16-8.el8_9.3 Fixed Version: 10:3.6.16-4.0.1.el8_fips References: access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org gitlab.com linux.oracle.com linux.oracle.com lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.apache.org lists.fedoraproject.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org www.gnutls.org |
|
| MEDIUM |
CVE-2021-3580: nettle: Remote crash in RSA decryption via manipulated ciphertextA flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.Package Name: gnutls Installed Version: 3.6.16-8.el8_9.3 Fixed Version: 10:3.6.16-4.0.1.el8_fips References: access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org cve.mitre.org cve.mitre.org errata.almalinux.org errata.rockylinux.org linux.oracle.com linux.oracle.com lists.debian.org nvd.nist.gov security.gentoo.org security.netapp.com ubuntu.com www.cve.org |
|
| MEDIUM |
CVE-2024-0553: gnutls: incomplete fix for CVE-2023-5981A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.Package Name: gnutls Installed Version: 3.6.16-8.el8_9.3 Fixed Version: 10:3.6.16-8.el8_9.1_fips References: www.openwall.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org gitlab.com gnutls.org linux.oracle.com linux.oracle.com lists.debian.org lists.fedoraproject.org lists.fedoraproject.org lists.gnupg.org nvd.nist.gov security.netapp.com ubuntu.com www.cve.org |
|
| MEDIUM |
CVE-2024-37370: krb5: GSS message token handlingIn MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.Package Name: krb5-libs Installed Version: 1.18.2-27.0.1.el8_10 Fixed Version: 1.18.2-29.0.1.el8_10 References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org github.com linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com web.mit.edu web.mit.edu www.cve.org |
|
| MEDIUM |
CVE-2024-37371: krb5: GSS message token handlingIn MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.Package Name: krb5-libs Installed Version: 1.18.2-27.0.1.el8_10 Fixed Version: 1.18.2-29.0.1.el8_10 References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com errata.almalinux.org github.com linux.oracle.com linux.oracle.com nvd.nist.gov ubuntu.com web.mit.edu web.mit.edu www.cve.org |
|
| MEDIUM |
CVE-2024-2398: curl: HTTP/2 push headers memory-leakWhen an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit (1000), libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead leaks the memory. Further, this error condition fails silently and is therefore not easily detected by an application.Package Name: libcurl Installed Version: 7.61.1-34.el8 Fixed Version: 7.61.1-34.el8_10.2 References: seclists.org seclists.org seclists.org www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com curl.se curl.se errata.almalinux.org hackerone.com linux.oracle.com linux.oracle.com lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.netapp.com support.apple.com support.apple.com support.apple.com ubuntu.com ubuntu.com ubuntu.com www.cve.org |
|
| MEDIUM |
CVE-2021-33560: libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powmLibgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.Package Name: libgcrypt Installed Version: 1.8.5-7.el8_6 Fixed Version: 10:1.8.5-6.el8_fips References: access.redhat.com access.redhat.com dev.gnupg.org dev.gnupg.org dev.gnupg.org dev.gnupg.org eprint.iacr.org errata.almalinux.org linux.oracle.com linux.oracle.com lists.debian.org lists.fedoraproject.org lists.fedoraproject.org nvd.nist.gov security.gentoo.org ubuntu.com ubuntu.com www.cve.org www.oracle.com www.oracle.com www.oracle.com www.oracle.com |
|
| MEDIUM |
CVE-2024-28182: nghttp2: CONTINUATION frames DoSnghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.Package Name: libnghttp2 Installed Version: 1.33.0-5.el8_9 Fixed Version: 1.33.0-6.el8_10.1 References: www.openwall.com access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com linux.oracle.com linux.oracle.com lists.debian.org lists.fedoraproject.org lists.fedoraproject.org lists.fedoraproject.org nowotarski.info nvd.nist.gov ubuntu.com ubuntu.com www.cve.org www.kb.cert.org |
|
| MEDIUM |
CVE-2024-6345: pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptoolsA vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.Package Name: platform-python-setuptools Installed Version: 39.2.0-7.el8 Fixed Version: 39.2.0-8.el8_10 References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com huntr.com linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org |
|
| MEDIUM |
CVE-2024-6345: pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptoolsA vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.Package Name: python3-setuptools-wheel Installed Version: 39.2.0-7.el8 Fixed Version: 39.2.0-8.el8_10 References: access.redhat.com access.redhat.com bugzilla.redhat.com bugzilla.redhat.com cve.mitre.org errata.almalinux.org errata.rockylinux.org github.com github.com github.com huntr.com linux.oracle.com linux.oracle.com nvd.nist.gov www.cve.org |
|
| LOW |
CVE-2023-2953: openldap: null pointer dereference in ber_memalloc_x functionA vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.Package Name: openldap Installed Version: 2.4.46-18.el8 Fixed Version: 2.4.46-19.el8_10 References: seclists.org seclists.org seclists.org access.redhat.com access.redhat.com bugs.openldap.org bugzilla.redhat.com errata.almalinux.org linux.oracle.com linux.oracle.com nvd.nist.gov security.netapp.com support.apple.com support.apple.com support.apple.com ubuntu.com ubuntu.com www.cve.org |
|
These instructions assume you have setup the repository first (or read it).
To pull oracle-python @ reference/tag main:
docker pull open-source.docker.xenit.eu/oracle-python:mainYou can also pull the latest version of this image (if it exists):
docker pull open-source.docker.xenit.eu/oracle-python:latestTo refer to this image after pulling in a Dockerfile, specify the following:
FROM open-source.docker.xenit.eu/oracle-python:mainNote: You should replace main with an alternative reference to pull, such as: main-2.1.2.
