Lucene search
OracleLinuxELSA-2024-2272HistoryMay 02, 2024 - 12:00 a.m.
containernetworking-plugins security update
2024-05-0200:00:00
linux.oracle.com
5
container networking plugins
security update
unix
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
30.8%
[1:1.4.0-2]
- rebuild
- Related: RHEL-18372
[1:1.4.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.4.0
- Related: RHEL-2112
[1:1.3.0-5] - fix path to dhcp service
- Resolves: #RHEL-3140
[1:1.3.0-4] - add Epoch in Provides
- Related: #2176063
[1:1.3.0-3] - remove no_openssl for FIPS compliance
- Related: #2176063
[1:1.3.0-2] - rebuild for following CVEs:
CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400 - Resolves: #2179960
- Resolves: #2187333
- Resolves: #2187376
- Resolves: #2203705
- Resolves: #2207519
[1:1.3.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.3.0
- Related: #2176063
[1:1.2.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.2.0
- Related: #2124478
[1:1.1.1-3] - Re-enable LTO and debuginfo
- Related: #2061316
[1:1.1.1-2] - BuildRequires: /usr/bin/go-md2man
- Related: #2061316
[1:1.1.1-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.1.1
- Related: #2061316
[1:1.1.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.1.0
- Related: #2061316
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | containernetworking-plugins | < 1.4.0-2.el9_4 | containernetworking-plugins-1.4.0-2.el9_4.src.rpm |
| oracle linux | 9 | aarch64 | containernetworking-plugins | < 1.4.0-2.el9_4 | containernetworking-plugins-1.4.0-2.el9_4.aarch64.rpm |
| oracle linux | 9 | src | containernetworking-plugins | < 1.4.0-2.el9_4 | containernetworking-plugins-1.4.0-2.el9_4.src.rpm |
| oracle linux | 9 | x86_64 | containernetworking-plugins | < 1.4.0-2.el9_4 | containernetworking-plugins-1.4.0-2.el9_4.x86_64.rpm |
Related
almalinux
almalinux
Moderate: buildah security update
2024-04-30 00:00:00
Moderate: containernetworking-plugins security update
2024-04-30 00:00:00
Moderate: podman security update
2024-04-30 00:00:00
redhat
redhat
(RHSA-2024:2245) Moderate: buildah security update
2024-04-30 06:15:09
(RHSA-2024:0281) Moderate: Secondary Scheduler Operator for Red Hat OpenShift 1.2.1 for RHEL 9
2024-03-06 13:29:28
(RHSA-2024:2193) Moderate: podman security update
2024-04-30 06:15:00
oraclelinux
oraclelinux
buildah security update
2024-05-03 00:00:00
podman security update
2024-05-03 00:00:00
skopeo security update
2024-05-02 00:00:00
osv
osv
Moderate: containernetworking-plugins security update
2024-04-30 00:00:00
Moderate: buildah security update
2024-04-30 00:00:00
Moderate: podman security update
2024-04-30 00:00:00
nessus
nessus
Oracle Linux 9 : containernetworking-plugins (ELSA-2024-2272)
2024-05-06 00:00:00
Oracle Linux 9 : podman (ELSA-2024-2193)
2024-05-06 00:00:00
RHEL 9 : containernetworking-plugins (RHSA-2024:2272)
2024-04-30 00:00:00
cve
cve
CVE-2023-45287
2023-12-05 17:15:08
CVE-2023-39326
2023-12-06 17:15:07
nvd
nvd
CVE-2023-45287
2023-12-05 17:15:08
CVE-2023-39326
2023-12-06 17:15:07
ibm
ibm
debiancve
debiancve
CVE-2023-45287
2023-12-05 17:15:08
CVE-2023-39326
2023-12-06 17:15:07
wolfi
wolfi
CVE-2023-45287 vulnerabilities
2024-06-25 15:33:25
CVE-2023-39326 vulnerabilities
2024-06-25 15:33:25
prion
prion
Design/Logic Flaw
2023-12-05 17:15:00
Design/Logic Flaw
2023-12-06 17:15:00
cvelist
cvelist
redhatcve
redhatcve
CVE-2023-45287
2023-12-06 15:00:00
CVE-2023-39326
2023-12-07 12:35:00
cbl_mariner
cbl_mariner
CVE-2023-45287 affecting package golang for versions less than 1.21.6-1
2024-06-25 21:08:29
CVE-2023-39326 affecting package golang for versions less than 1.21.6-1
2024-06-25 21:08:29
veracode
veracode
Timing Attack
2023-12-07 11:35:51
Denial Of Service (DoS)
2023-12-12 07:10:29
cgr
cgr
CVE-2023-45287 vulnerabilities
2024-05-19 03:07:16
CVE-2023-39326 vulnerabilities
2024-05-19 03:07:16
ubuntucve
ubuntucve
CVE-2023-45287
2023-12-05 00:00:00
CVE-2023-39326
2023-12-06 00:00:00
amazon
amazon
Medium: cni-plugins
2024-05-09 19:16:00
Medium: golist
2024-05-23 22:04:00
Important: cri-tools
2024-02-01 19:57:00
openvas
openvas
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1174)
2024-02-09 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1194)
2024-02-09 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2024-1335)
2024-03-13 00:00:00
alpinelinux
alpinelinux
CVE-2023-39326
2023-12-06 17:15:07
fedora
fedora
[SECURITY] Fedora 39 Update: golang-1.21.6-1.fc39
2024-01-20 03:24:19
redos
redos
ROS-20240402-17
2024-04-02 00:00:00
mageia
mageia
Updated golang packages fix security vulnerabilities
2023-12-18 01:40:49
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.3 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
30.8%
Related for ELSA-2024-2272