A symlink traversal vulnerability in Podman, Buildah, and CRI-O can result in a denial of service
Reporter | Title | Published | Views | Family All 123 |
---|---|---|---|---|
![]() | buildah-1.37.5-1.1 on GA media | 21 Oct 2024 00:00 | – | osv |
![]() | CVE-2024-9676 | 15 Oct 2024 16:15 | – | osv |
![]() | Red Hat Security Advisory: OpenShift Container Platform 4.17.3 security update | 30 Oct 2024 09:32 | – | osv |
![]() | Security update for podman | 24 Oct 2024 03:34 | – | osv |
![]() | podman-5.2.4-3.1 on GA media | 22 Oct 2024 00:00 | – | osv |
![]() | Security update for buildah | 24 Oct 2024 03:34 | – | osv |
![]() | Red Hat Security Advisory: buildah security update | 25 Nov 2024 09:53 | – | osv |
![]() | Red Hat Security Advisory: OpenShift Container Platform 4.16.20 packages and security update | 13 Nov 2024 21:18 | – | osv |
![]() | Red Hat Security Advisory: OpenShift Container Platform 4.17.4 packages and security update | 13 Nov 2024 21:20 | – | osv |
![]() | Red Hat Security Advisory: OpenShift Container Platform 4.16.z security update | 31 Oct 2024 04:57 | – | osv |
[
{
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "1.55.1",
"versionType": "semver"
}
],
"packageName": "containers/storage",
"collectionURL": "https://github.com/containers/storage/",
"defaultStatus": "unaffected"
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-tools:rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "8100020241101101019.afee755d",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "affected",
"versions": [
{
"version": "4:4.9.4-16.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "affected",
"versions": [
{
"version": "4:5.2.2-9.el9_5",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "buildah",
"defaultStatus": "affected",
"versions": [
{
"version": "2:1.37.5-1.el9_5",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "buildah",
"defaultStatus": "affected",
"versions": [
{
"version": "2:1.33.11-1.el9_4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.12",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "cri-o",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.25.5-5.rhaos4.12.git53dc492.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8",
"cpe:/a:redhat:openshift:4.12::el9",
"cpe:/a:redhat:openshift_ironic:4.12::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.13",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "cri-o",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.26.5-26.rhaos4.13.giteb3d487.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.13::el9",
"cpe:/a:redhat:openshift:4.13::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.14",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "cri-o",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.27.8-12.rhaos4.14.git7597c43.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.15",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "cri-o",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.28.11-5.rhaos4.15.git35a2431.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9",
"cpe:/a:redhat:openshift:4.15::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "cri-o",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.29.9-6.rhaos4.16.gite7bd45a.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift_ironic:4.16::el9",
"cpe:/a:redhat:openshift:4.16::el9",
"cpe:/a:redhat:openshift:4.16::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "affected",
"versions": [
{
"version": "4:4.9.4-12.rhaos4.16.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9",
"cpe:/a:redhat:openshift:4.16::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.17",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "cri-o",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.30.6-6.rhaos4.17.git6ac6e96.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.17",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "affected",
"versions": [
{
"version": "5:5.2.2-1.rhaos4.17.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.17",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-docker-builder-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.17.0-202501281204.p0.ga753153.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift Developer Tools and Services",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:ocp_tools"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift Developer Tools and Services",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ocp-tools-4/jenkins-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:ocp_tools"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "conmon",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "skopeo",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "buildah",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "conmon",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "skopeo",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Quay 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "quay/quay-builder-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:quay:3"
]
}
]