Lucene search
+L

84 matches found

OSV
OSV
added 2024/05/14 3:42 p.m.7 views

AZL-42343 CVE-2024-3727 affecting package libcontainers-common for versions less than 20210626-7

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...

8.3CVSS6.6AI score0.01279EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 3:42 p.m.27 views

CVE-2024-3727

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...

8.3CVSS7.8AI score0.01279EPSS
Exploits0References36
OSV
OSV
added 2024/05/14 3:42 p.m.14 views

UBUNTU-CVE-2024-3727

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...

8.3CVSS6.6AI score0.01279EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/11 2:38 a.m.4 views

SUSE CVE-2024-3727

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...

8.3CVSS7.9AI score0.01279EPSS
Exploits0References29
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.28 views

RHEL 8 : containers_image (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - containers/image: Container images read entire image manifest into memory CVE-2020-1702 Note that Nessus has not...

5.5AI score0.00688EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/09 12:0 a.m.5 views

PT-2024-5219

Name of the Vulnerable Software and Affected Versions: github.com/containers/image affected versions not specified Description: A flaw was found in the github.com/containers/image library, related to incorrect integrity value checking. This issue allows attackers to trigger unexpected authenticat...

8.3CVSS6.5AI score0.01279EPSS
Exploits0References274
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.27 views

Oracle Linux 8 : container-tools:1.0 (ELSA-2019-3494)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3494 advisory. - ipreass in ipinput.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment...

8.8CVSS7.4AI score0.16658EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:13 a.m.2 views

SUSE CVE-2019-10214

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

9CVSS6.9AI score0.01604EPSS
Exploits0References20
OpenVAS
OpenVAS
added 2023/01/30 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2023:0187-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.9AI score0.05994EPSS
Exploits3References2
Github Security Blog
Github Security Blog
added 2022/02/15 1:57 a.m.51 views

containers/image library Insufficiently Protects Credentials

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launc...

6.4CVSS6.2AI score0.01604EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.65 views

CentOS 8 : container-tools:rhel8 (CESA-2020:1650)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1650 advisory. - runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation CVE-2019-19921 - containers/image: Container...

7CVSS6.9AI score0.01849EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.53 views

CentOS 8 : container-tools:1.0 (CESA-2019:3494)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3494 advisory. - containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure CVE-2019-10214 - QEM...

8.8CVSS7.4AI score0.16658EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2020/06/23 12:0 a.m.42 views

RHEL 7 : skopeo (RHSA-2020:2681)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2681 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify file...

4.3CVSS6.5AI score0.00688EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/05/12 7:52 p.m.104 views

Important: Red Hat Security Advisory: buildah security and bug fix update

An update for buildah is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.3CVSS6.5AI score0.02603EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/05/12 12:0 a.m.272 views

RHEL 7 : buildah (RHSA-2020:2116)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2116 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

9.3CVSS6.5AI score0.02603EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2020/04/28 4:11 p.m.56 views

Moderate: Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7CVSS6.4AI score0.01849EPSS
Exploits0References47
AlmaLinux
AlmaLinux
added 2020/04/28 9:1 a.m.62 views

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation CVE-2019-19921 containers/image: Container images read entire ima...

7CVSS6.4AI score0.01849EPSS
Exploits0References4
Veracode
Veracode
added 2020/04/03 12:40 a.m.32 views

Information Disclosure

containers/image is vulnerable to information disclosure. The vulnerability exists as it reads entire image manifest into memory...

3.3CVSS1.5AI score0.00688EPSS
Exploits0References11Affected Software5
RedHat Linux
RedHat Linux
added 2020/04/01 12:26 a.m.128 views

Moderate: Red Hat Security Advisory: docker security and bug fix update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS6.6AI score0.05071EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2020/04/01 12:0 a.m.65 views

RHEL 7 : docker (RHSA-2020:1234)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1234 advisory. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that...

7.5CVSS6.8AI score0.05071EPSS
Exploits2References12
Rows per page
Query Builder