91 matches found
RHCOS 4 : OpenShift Container Platform 4.16.1 (RHSA-2024:4159)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:4159 advisory. - containers/image: digest type does not guarantee valid type CVE-2024-3727 - cri-o: malicious container can create symlink on host...
RHCOS 4 / 9 : OpenShift Container Platform 4.14.38 (RHSA-2024:7187)
The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:7187 advisory. - containers/image: digest type does not guarantee valid type CVE-2024-3727 - webob: WebOb's location header normalization durin...
MiracleLinux 9 : buildah-1.37.2-1.el9 (AXSA:2024-9390:11)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9390:11 advisory. containers/image: digest type does not guarantee valid type CVE-2024-3727 net/http: Denial of service due to improper 100-continue handling in...
Linux Distros Unpatched Vulnerability : CVE-2024-3727
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a...
openSUSE Security Advisory (SUSE-SU-2024:1838-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:1989-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:1988-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:0313-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: containerized-data-importer / cri-o / ig / libcontainers-common / skopeo (CVE-2024-3727)
The version of containerized-data-importer / cri-o / ig / libcontainers-common / skopeo installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3727 advisory. - A flaw was found in the...
Moderate: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Moderate: Red Hat Security Advisory: skopeo security update
An update for skopeo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: Red Hat Security Advisory: podman security update
An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2024:9098 Moderate: skopeo security update
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fixes: containers/image: digest type does not guarantee valid type CVE-2024-3727 golang: net: malformed DNS message can cause infinite...
RHEL 9 : skopeo (RHSA-2024:9098)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9098 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and...
RHEL 9 : buildah (RHSA-2024:9097)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9097 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...
ALSA-2024:9097 Moderate: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Moderate: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Mageia: Security Advisory (MGASA-2024-0343)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated buildah, podman, skopeo packages fix security vulnerabilities
A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.18 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.18 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...