Lucene search

K

CVE-2024-9676

🗓️ 15 Oct 2024 16:06:15Reported by redhatType 
cve
 cve
🔗 web.nvd.nist.gov👁 52 Views

A symlink traversal vulnerability in Podman, Buildah, and CRI-O can result in a denial of service

Show more
Related
Detection
Affected
Refs
Nvd
Node
OROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROROR
[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "1.55.1",
        "versionType": "semver"
      }
    ],
    "packageName": "containers/storage",
    "collectionURL": "https://github.com/containers/storage/",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "container-tools:rhel8",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "8100020241101101019.afee755d",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "podman",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "4:4.9.4-16.el9_4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "podman",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "4:5.2.2-9.el9_5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "buildah",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "2:1.37.5-1.el9_5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "buildah",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "2:1.33.11-1.el9_4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:rhel_eus:9.4::appstream"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.12",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "cri-o",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.25.5-5.rhaos4.12.git53dc492.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.12::el8",
      "cpe:/a:redhat:openshift:4.12::el9",
      "cpe:/a:redhat:openshift_ironic:4.12::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.13",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "cri-o",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.26.5-26.rhaos4.13.giteb3d487.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.13::el9",
      "cpe:/a:redhat:openshift:4.13::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.14",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "cri-o",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.27.8-12.rhaos4.14.git7597c43.el8",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.14::el8",
      "cpe:/a:redhat:openshift:4.14::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.15",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "cri-o",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.28.11-5.rhaos4.15.git35a2431.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.15::el9",
      "cpe:/a:redhat:openshift:4.15::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.16",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "cri-o",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.29.9-6.rhaos4.16.gite7bd45a.el8",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift_ironic:4.16::el9",
      "cpe:/a:redhat:openshift:4.16::el9",
      "cpe:/a:redhat:openshift:4.16::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.16",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "podman",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "4:4.9.4-12.rhaos4.16.el8",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.16::el9",
      "cpe:/a:redhat:openshift:4.16::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.17",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "cri-o",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.30.6-6.rhaos4.17.git6ac6e96.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.17::el8",
      "cpe:/a:redhat:openshift:4.17::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.17",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "podman",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "5:5.2.2-1.rhaos4.17.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.17::el8",
      "cpe:/a:redhat:openshift:4.17::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.17",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "openshift4/ose-docker-builder-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "v4.17.0-202501281204.p0.ga753153.assembly.stream.el9",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.17::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "OpenShift Developer Tools and Services",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:ocp_tools"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "OpenShift Developer Tools and Services",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "ocp-tools-4/jenkins-rhel8",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:ocp_tools"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "conmon",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "skopeo",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "buildah",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "conmon",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "skopeo",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Quay 3",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "quay/quay-builder-rhel8",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:quay:3"
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
15 Oct 2024 16:15Current
6.9Medium risk
Vulners AI Score6.9
CVSS36.5
EPSS0.001
SSVC
52
.json
Report