23 matches found
CVE-2021-29136
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...
Mageia: Security Advisory (MGASA-2022-0006)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : umoci (openSUSE-SU-2021:1863-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1863-1 advisory. - Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal...
openSUSE: Security Advisory for umoci (openSUSE-SU-2021:1863-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:1863-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2021:1863-1 Security update for umoci
This update for umoci fixes the following issues: Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147...
SUSE SLED15 / SLES15 Security Update : umoci (SUSE-SU-2021:1863-2)
The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:1863-2 advisory. Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. Tenable has extracted the...
openSUSE Security Update : umoci (openSUSE-2021-846)
This update for umoci fixes the following issues : Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...
SUSE: Security Advisory (SUSE-SU-2021:1863-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for umoci (openSUSE-SU-2021:0846-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:0846-1 Security update for umoci
This update for umoci fixes the following issues: Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. This update was imported from the SUSE:SLE-15:Update update project...
Security update for umoci (important)
openSUSE Security Update: Security update for umoci Announcement ID: openSUSE-SU-2021:0846-1 Rating: important References: 1184147 Cross-References: CVE-2021-29136 CVSS scores: CVE-2021-29136 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2021-29136 SUSE: 7.3...
SUSE SLES15 Security Update : umoci (SUSE-SU-2021:1863-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:1863-1 advisory. - Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. Tenable has extracted the...
OPENSUSE-SU-2021:0810-1 Security update for singularity
This update for singularity fixes the following issues: singularity was updated to version 3.7.3: - Fix for CVE-2021-29136: A dependency used to extract docker/OCI image layers can be tricked into modifying host files by creating a malicious layer that has a symlink with the name '.' or '/', when...
Security update for singularity (moderate)
openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2021:0810-1 Rating: moderate References: 1184147 Cross-References: CVE-2021-29136 CVSS scores: CVE-2021-29136 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2021-29136 SUSE: 7.3...
OESA-2021-1151 umoci security update
Umoci modifies Open Container images. Umoci intends to be a complete manipulation tool for OCI images. In particular, it should be seen as a more end-user-focused version of the oci-image-tools provided by the OCI. Security Fixes: Open Container Initiative umoci before 0.4.7 allows attackers to...
SUSE: Security Advisory (SUSE-SU-2021:1116-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for umoci (openSUSE-SU-2021:0548-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : umoci (openSUSE-2021-548)
This update for umoci fixes the following issues : - Update to umoci v0.4.6. - CVE-2021-29136: malicious layer allows overwriting of host files bsc1184147 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks ...
SUSE SLES15 Security Update : umoci (SUSE-SU-2021:1116-1)
This update for umoci fixes the following issues : Update to umoci v0.4.6. CVE-2021-29136: malicious layer allows overwriting of host files bsc1184147 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted t...