Overall Statistics | |
---|---|
Total number of analysed container images: | 2,178 |
Total analysis time: | 2 weeks, 22 hours and 53 minutes |
Average analysis time per image: | 9 minutes and 53 seconds |
Among 2,178 analysed container images, the following were found to be vulnerable:
Top vulnerabilities found in the analysed container images:
CVE-2018-20852 (5.0): http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python... (http://www.cvedetails.com/cve/CVE-2018-20852/) |
CVE-2019-9636 (5.0): Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper... (http://www.cvedetails.com/cve/CVE-2019-9636/) |
CVE-2019-9947 (4.3): An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in... (http://www.cvedetails.com/cve/CVE-2019-9947/) |
CVE-2019-9740 (4.3): An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in... (http://www.cvedetails.com/cve/CVE-2019-9740/) |
CVE-2018-14647 (5.0): Python's elementtree C accelerator failed to initialise Expat's hash... (http://www.cvedetails.com/cve/CVE-2018-14647/) |
CVE-2019-9948 (6.4): urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes... (http://www.cvedetails.com/cve/CVE-2019-9948/) |
CVE-2018-1060 (5.0): python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable... (http://www.cvedetails.com/cve/CVE-2018-1060/) |
CVE-2018-1061 (5.0): python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable... (http://www.cvedetails.com/cve/CVE-2018-1061/) |
CVE-2018-16845 (5.8): nginx before versions 1.15.6, 1.14.1 has a vulnerability in the... (http://www.cvedetails.com/cve/CVE-2018-16845/) |
CVE-2018-16844 (7.8): nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the... (http://www.cvedetails.com/cve/CVE-2018-16844/) |
CVE-2017-16997 | glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries |
CVE-2018-15686 | systemd: line splitting via fgets() allows for state injection during daemon-reexec |
CVE-2018-14618 | curl: NTLM password overflow via integer overflow |
CVE-2019-2201 | libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images |
CVE-2019-3855 | libssh2: Integer overflow in transport read resulting in out of bounds write |
CVE-2019-1349 | git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ |
CVE-2019-1350 | git: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone |
CVE-2019-1354 | git: Git does not refuse to write out tracked files with backslashes in filenames |
CVE-2019-1352 | git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams |
CVE-2019-14901 | kernel: heap overflow in marvell/mwifiex/tdls.c |
CVE-2019-12900 | bzip2: out-of-bounds write in function BZ2_decompress |
CVE-2017-11164 | pcre: OP_KETRMAX feature in the match function in pcre_exec.c |
CVE-2019-8457 | sqlite: heap out-of-bound read in function rtreenode() |
CVE-2019-18276 | bash: when effective UID is not equal to its real UID the saved UID is not dropped |
CVE-2018-1000654 | libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion |
CVE-2019-9169 | glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read |
CVE-2018-1000001 | glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation |
CVE-2016-2779 | util-linux: runuser tty hijack via TIOCSTI ioctl |
CVE-2018-6954 | systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files |
CVE-2018-6485 | glibc: Integer overflow in posix_memalign in memalign functions |
CVE-2017-7245 | pcre: stack-based buffer overflow write in pcre32_copy_substring |
CVE-2017-7246 | pcre: stack-based buffer overflow write in pcre32_copy_substring |
CVE-2016-10228 | glibc: iconv program can hang when invoked with the -c option |
CVE-2019-9923 | tar: null-pointer dereference in pax_decode_header in sparse.c |
CVE-2019-1563 | openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey |
CVE-2019-5188 | e2fsprogs: Out-of-bounds write in e2fsck/rehash.c |
CVE-2019-5094 | e2fsprogs: crafted ext4 partition leads to out-of-bounds write |
CVE-2019-17594 | ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c |
CVE-2019-17595 | ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c |
CVE-2015-8985 | glibc: potential denial of service in pop_fail_stack() |
Latest 10 malicious container images:
Time/Date | Base Image |
---|---|
2021-01-15 02:44:03 | kitex33237/ubuntu2 |
2020-08-29 05:29:54 | hildeteamtnt/metal3d |
2020-08-29 05:28:26 | hildeteamtnt/first |
2020-08-29 05:23:01 | hildeteamtnt/container1 |
2020-08-29 05:13:36 | hildeteamtnt/docrunker |
2020-08-29 05:03:18 | hildeteamtnt/dockerfirst |
2020-08-29 04:41:15 | hildeteamtnt/xmrigminer |
2020-08-29 04:30:10 | hildeteamtnt/pause-amd64 |
2020-08-29 04:24:27 | hildeteamtnt/avscan |
2020-08-18 20:44:05 | widoc26117/xmr |
Top 10 malware detections:
Malware | Occurrences |
---|---|
Multios.Coinminer.Miner-6781728-2 | 15 |
Unix.Trojan.Tsunami-7644569-0 | 4 |
Unix.Malware.Agent-1768364 | 2 |
Unix.Malware.Agent-1753197 | 2 |
Unix.Malware.Agent-1753174 | 2 |
Unix.Malware.Agent-1753177 | 2 |
Unix.Malware.Agent-1753179 | 2 |
Unix.Malware.Agent-1753196 | 2 |
Unix.Malware.Agent-1753194 | 2 |
Unix.Malware.Agent-1753191 | 2 |
Across 2,178 container images, login credentials were detected in clear text, with a brute force attack, or both:
Top 10 passwords:
Password | Occurrences |
---|---|
secret | 4 |
admin | 4 |
postgresql | 3 |
amber | 2 |
YOUR | 2 |
**** | 2 |
somepass | 2 |
********** | 2 |
$ecur17y | 2 |
root | 2 |
Geographic distribution of the hosts contacted by the analysed containers:
Top 10 countries with the hosts contacted by the analysed containers:
Country | Occurrences |
---|---|
| | 2093 |
| | 1525 |
| | 97 |
| | 81 |
| | 58 |
| | 43 |
| | 37 |
| | 29 |
| | 25 |
| | 25 |
Top 10 networking services found to be running inside analysed containers:
Top 10 ports found to be open by networking services: