Lucene search
K

11 matches found

ATTACKERKB
ATTACKERKB
added 2022/09/01 9:15 p.m.3 views

CVE-2022-2738

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...

7.5CVSS7.1AI score0.05071EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/08/19 12:0 a.m.2 views

Red Hat Enterprise Linux 资源管理错误漏洞

Red Hat Enterprise Linux is a Linux operating system for business users from Red Hat, Inc. A security vulnerability exists in Red Hat Enterprise Linux 7 that stems from the inclusion of an incorrect version of podman, which could cause Go applications using the Go GPGME wrapper library to crash o...

7.5CVSS7.8AI score0.00742EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/07/21 9:57 a.m.6 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/05/13 11:15 a.m.2 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/05/12 7:52 p.m.4 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/04/07 1:6 p.m.7 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/04/01 12:26 a.m.5 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/04/01 12:26 a.m.7 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/04/01 12:26 a.m.9 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2020/03/10 12:23 p.m.7 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

7.5CVSS6.1AI score0.05071EPSS
Exploits1References4
OSV
OSV
added 2020/02/12 6:15 p.m.4 views

DEBIAN-CVE-2020-8945

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification...

7.5CVSS7.1AI score0.05071EPSS
Exploits1References1
Rows per page
Query Builder