Project | docker-image|public.ecr.aws/docker/library/haproxy |
---|---|
Path | public.ecr.aws/docker/library/haproxy:2.6.17-alpine/docker/library/haproxy |
Package Manager | apk |
Use After Free
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream busybox
package and not the busybox
package as distributed by Alpine
.
See How to fix?
for Alpine:3.20
relevant fixed versions and status.
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.
Remediation
Upgrade Alpine:3.20
busybox
to version 1.36.1-r29 or higher.
References
Use After Free
Detailed paths
NVD Description
Note: Versions mentioned in the description apply only to the upstream busybox
package and not the busybox
package as distributed by Alpine
.
See How to fix?
for Alpine:3.20
relevant fixed versions and status.
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.
Remediation
Upgrade Alpine:3.20
busybox
to version 1.36.1-r29 or higher.
References
CVE-2024-4741
Detailed paths
NVD Description
This vulnerability has not been analyzed by NVD yet.
Remediation
Upgrade Alpine:3.20
openssl
to version 3.3.0-r3 or higher.