AZL-45387 CVE-2018-20699 affecting package buildah for versions less than 1.41.4-2

🗓️ 12 Jan 2019 02:29:00Reported by GoogleType

osv

osv🔗 osv.dev

Buildah older than 1.41.4-2 and Docker Engine older than 18.09 suffer denial of service via large cpuset values.

Reporter	Title	Published	Views	Family All 87
IBM Security Bulletins	Security Bulletin: Open Source Dependency Vulnerability	15 May 202318:56	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Fusion is vulnerable to denial of server, and security bypass due to Golang vulnerabilities.	13 May 202418:39	–	ibm
IBM Security Bulletins	Security Bulletin: Open Source Dependency Vulnerability	15 May 202316:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data	29 Jun 202217:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Fusion HCI is vulnerable to denial of service, authentication bypass, and incorrect privilege assignment due to Golang vulnerabilities.	11 May 202416:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to Files or Directories Accessible to External Parties in Grafana (CVE-2021-41089, CVE-2022-24769, CVE-2021-41091, CVE-2018-20699, CVE-2022-36109)	5 Aug 202419:51	–	ibm
Amazon	Medium: docker	18 Nov 202100:00	–	amazon
Amazon	Medium: docker	18 Nov 202100:00	–	amazon
CBLMariner	CVE-2018-20699 affecting package podman for versions less than 5.6.1-2	28 Oct 202521:13	–	cbl_mariner
CBLMariner	CVE-2018-20699 affecting package buildah for versions less than 1.41.4-2	28 Oct 202521:13	–	cbl_mariner

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-20699

21 Apr 2026 04:32Current

6.2Medium risk

Vulners AI Score6.2

CVSS 34.9

EPSS0.0009

buildah vulnerability cpuset values denial of service docker engine memory consumption