Overall Statistics

Total number of analysed container images: 2,092
Total analysis time: 2 weeks, 12 hours and 53 minutes
Average analysis time per image: 10 minutes

Among 2,092 analysed container images, the following were found to be vulnerable:
Top vulnerabilities found in the analysed container images:
CVE-2018-20852 (5.0): http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python... (http://www.cvedetails.com/cve/CVE-2018-20852/)
CVE-2019-9636 (5.0): Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper... (http://www.cvedetails.com/cve/CVE-2019-9636/)
CVE-2019-9947 (4.3): An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in... (http://www.cvedetails.com/cve/CVE-2019-9947/)
CVE-2019-9740 (4.3): An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in... (http://www.cvedetails.com/cve/CVE-2019-9740/)
CVE-2018-14647 (5.0): Python's elementtree C accelerator failed to initialise Expat's hash... (http://www.cvedetails.com/cve/CVE-2018-14647/)
CVE-2019-9948 (6.4): urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes... (http://www.cvedetails.com/cve/CVE-2019-9948/)
CVE-2018-1060 (5.0): python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable... (http://www.cvedetails.com/cve/CVE-2018-1060/)
CVE-2018-1061 (5.0): python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable... (http://www.cvedetails.com/cve/CVE-2018-1061/)
CVE-2018-16845 (5.8): nginx before versions 1.15.6, 1.14.1 has a vulnerability in the... (http://www.cvedetails.com/cve/CVE-2018-16845/)
CVE-2018-16844 (7.8): nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the... (http://www.cvedetails.com/cve/CVE-2018-16844/)
CVE-2017-16997 glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries
CVE-2018-15686 systemd: line splitting via fgets() allows for state injection during daemon-reexec
CVE-2018-14618 curl: NTLM password overflow via integer overflow
CVE-2019-3855 libssh2: Integer overflow in transport read resulting in out of bounds write
CVE-2019-2201 libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images
CVE-2019-1349 git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/
CVE-2019-1350 git: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone
CVE-2019-1354 git: Git does not refuse to write out tracked files with backslashes in filenames
CVE-2019-1352 git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams
CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
CVE-2019-12900 bzip2: out-of-bounds write in function BZ2_decompress
CVE-2019-8457 sqlite: heap out-of-bound read in function rtreenode()
CVE-2017-11164 pcre: OP_KETRMAX feature in the match function in pcre_exec.c
CVE-2019-18276 bash: when effective UID is not equal to its real UID the saved UID is not dropped
CVE-2019-9169 glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read
CVE-2018-1000654 libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion
CVE-2018-1000001 glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation
CVE-2016-2779 util-linux: runuser tty hijack via TIOCSTI ioctl
CVE-2018-6954 systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files
CVE-2018-6485 glibc: Integer overflow in posix_memalign in memalign functions
CVE-2017-7246 pcre: stack-based buffer overflow write in pcre32_copy_substring
CVE-2017-7245 pcre: stack-based buffer overflow write in pcre32_copy_substring
CVE-2016-10228 glibc: iconv program can hang when invoked with the -c option
CVE-2019-9923 tar: null-pointer dereference in pax_decode_header in sparse.c
CVE-2019-1563 openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey
CVE-2019-5188 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c
CVE-2019-5094 e2fsprogs: crafted ext4 partition leads to out-of-bounds write
CVE-2019-17594 ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c
CVE-2019-17595 ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c
CVE-2009-5155 glibc: parse_reg_exp in posix/regcomp.c misparses alternatives leading to denial of service or trigger incorrect result
Latest 10 malicious container images:
Time/Date Base Image
2020-08-29 05:29:54 hildeteamtnt/metal3d
2020-08-29 05:28:26 hildeteamtnt/first
2020-08-29 05:23:01 hildeteamtnt/container1
2020-08-29 05:13:36 hildeteamtnt/docrunker
2020-08-29 05:03:18 hildeteamtnt/dockerfirst
2020-08-29 04:41:15 hildeteamtnt/xmrigminer
2020-08-29 04:30:10 hildeteamtnt/pause-amd64
2020-08-29 04:24:27 hildeteamtnt/avscan
2020-08-18 20:44:05 widoc26117/xmr
2020-08-10 03:39:20 xmrig/xmrig
Top 10 malware detections:
Malware Occurrences
Multios.Coinminer.Miner-6781728-2 14
Unix.Trojan.Tsunami-7644569-0 4
Unix.Malware.Agent-1768364 2
Unix.Malware.Agent-1753197 2
Unix.Malware.Agent-1753174 2
Unix.Malware.Agent-1753177 2
Unix.Malware.Agent-1753179 2
Unix.Malware.Agent-1753196 2
Unix.Malware.Agent-1753194 2
Unix.Malware.Agent-1753191 2
Across 2,092 container images, login credentials were detected in clear text, with a brute force attack, or both:
Top 10 passwords:
Password Occurrences
secret 4
admin 4
postgresql 3
amber 2
**** 2
somepass 2
********** 2
$ecur17y 2
root 2
Geographic distribution of the hosts contacted by the analysed containers:
Top 10 countries with the hosts contacted by the analysed containers:
Country Occurrences
United States 2007
United Kingdom 1502
Germany 94
Netherlands 80
France 56
Ukraine 42
Russia 36
Canada 28
China 24
Switzerland 23
Top 10 networking services found to be running inside analysed containers:
Top 10 ports found to be open by networking services: