48 matches found
RHCOS 4 : OpenShift Container Platform 4.2.22 skopeo (RHSA-2020:0689)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0689 advisory. - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull CVE-2020-8945 Note that Nessus has not tested for this issue...
RHCOS 4 : OpenShift Container Platform 4.2.33 openshift-clients (RHSA-2020:2027)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2027 advisory. - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull CVE-2020-8945 Note that Nessus has not tested for this issue...
MiracleLinux 7 : podman-1.6.4-36.el7 (AXSA:2022-3718:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3718:02 advisory. podman: Security regression of CVE-2020-8945 due to source code management issue CVE-2022-2738 podman: Security regression of CVE-2020-14370 due to...
MiracleLinux 7 : buildah-1.11.6-8.el7 (AXSA:2020-4680:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4680:01 advisory. proglottis/gpgme: Use-after-free in GPGME bindings during container image pull CVE-2020-8945 Tenable has extracted the preceding description block directly...
EUVD-2022-34980
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-8945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This lea...
CentOS 7 : skopeo (RHSA-2020:1230)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1230 advisory. - The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This...
CentOS 7 : buildah (RHSA-2020:1231)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1231 advisory. - The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This...
RHEL 8 : cri-o (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull CVE-2020-8945 - The OCI...
RHEL 8 : OpenShift Container Platform 4.3.12 podman (RHSA-2020:1396)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1396 advisory. The podman tool manages Pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...
CVE-2022-2738
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...
CVE-2022-2738
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...
Design/Logic Flaw
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...
CVE-2022-2738
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...
podman: Security regression of CVE-2020-8945 due to source code management issue
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...
Moderate: Red Hat Security Advisory: podman security and bug fix update
An update for podman is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2022-2738
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code executio...
CVE-2020-8945
A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.2.z ose-openshift-controller-manager-container security update
An update for ose-openshift-controller-manager-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:2992)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2992 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...