59 matches found
GHSA-RPCF-RMH6-42XR Netavark Has Possible DNS Resolve Confusion
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
UBUNTU-CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-8283 Netavark: podman: netavark may resolve hostnames to unexpected hosts
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-8283 Netavark: podman: netavark may resolve hostnames to unexpected hosts
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-8283
CVE-2025-8283 affects the netavark component used with Podman for container networking. Due to removal of the dns.podman search domain, netavark may reveal external servers when a valid A/AAAA record is answered, causing a container whose name matches a domain hostname to resolve to external host...
CVE-2025-8283 Netavark: podman: netavark may resolve hostnames to unexpected hosts
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
PT-2025-31142
Name of the Vulnerable Software and Affected Versions netavark affected versions not specified Description A vulnerability exists in the netavark package, a network stack for containers used with Podman. Due to the removal of the dns.podman search domain, netavark may return external servers if a...
netavark bug fix and enhancement update
An update is available for netavark. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.5...
Security update for podman
This update for podman fixes the following issues: CVE-2024-9676: github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service DoS bsc1231698 Load iptables and ip6tables kernel module bsc1214612 Required for rootless mode as a...
CVE-2023-22466 affecting package netavark 1.0.3-5
CVE-2023-22466 affecting package netavark 1.0.3-5. This CVE either no longer is or was never applicable...
container-tools:ol8 security update
aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/fe85f0d - Resolves: RHEL-61853 2:1.33.10-1 - update to the latest content of...
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-8038)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-8038 advisory. aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah cockpit-podman conmon containernetworking-plugins...
SUSE-SU-2024:3186-1 Security update for buildah
This update for buildah fixes the following issues: Update to version 1.35.4: CVE-2024-3727 updates bsc1224117 Bump go-jose CVE-2024-28180 Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3: correctly configure /etc/hosts and resolv.conf buildah: refactor resolv/hosts setup. rename...
SUSE-SU-2024:3151-1 Security update for buildah
This update for buildah fixes the following issues: Update to version 1.35.4: Bump to Buildah v1.35.4 CVE-2024-3727 updates bsc1224117 integration test: handle new labels in 'bud and test --unsetlabel' Bump go-jose CVE-2024-28180 Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3:...
SUSE-SU-2024:3120-1 Security update for buildah, docker
This update for buildah, docker fixes the following issues: Changes in docker: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts bsc1219267 - CVE-2024-23652: Fixed insufficient validation of parent directory on mount bsc1219268 - CVE-2024-23653: Fixed insufficient...
container-tools security update
aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...