Trail of Bits

osquery

Type: Security review
Client: Atlassian
Date: 2022-01
Domain: AppSec
Effort: 6 wks
Section: Technology Product Reviews

Trail of Bits's security review of osquery for Atlassian (January 2022) identified 17 issues: 2 high, 8 medium, 4 low, and 3 informational.

Findings · 17

  1. Project dependencies are not monitored for vulnerabilities (High)
  2. No separation of privileges when executing dependency code (High)
  3. No limit on the amount of information that can be read from the Firefox add-ons table (Low)
  4. The SIP status on macOS may be misreported (Informational)
  5. The OpenReadableFile function can hang on reading a file (Medium)
  6. Methods in POSIX PlatformFile class are susceptible to race conditions (Low)
  7. No limit on the amount of data that parsePlist can parse (Low)
  8. The parsePlist function can hang on reading certain files (Medium)
  9. The parseJSON function can hang on reading certain files on Linux and macOS (Medium)
  10. No limit on the amount of data read or expanded from the Safari extensions table (Low)
  11. Extended attributes table may read uninitialized or out-of-bounds memory (Medium)
  12. The readFile function can hang on reading a file (Medium)
  13. The POSIX PlatformFile constructor may block the osquery thread (Medium)
  14. No limit on the amount of data the Carver::blockwiseCopy method can write (Medium)
  15. The carves table truncates large file sizes to 32 bits (Informational)
  16. The time table may not null-terminate strings correctly (Informational)
  17. The elf_info table can crash the osquery agent (Medium)

Findings extracted from the published report PDF. See the full report below for details and remediation.