Lucene search
K

36 matches found

CBLMariner
CBLMariner
added 2025/10/28 9:13 p.m.3 views

CVE-2021-3602 affecting package buildah for versions less than 1.41.4-2

CVE-2021-3602 affecting package buildah for versions less than 1.41.4-2. An upgraded version of the package is available that resolves this issue...

5.5CVSS6.9AI score0.00327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-3602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN...

5.5CVSS6.3AI score0.00327EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2024/04/30 1:31 a.m.18 views

CVE-2021-3602 affecting package cri-o for versions less than 1.21.7-2

CVE-2021-3602 affecting package cri-o for versions less than 1.21.7-2. A patched version of the package is available...

5.5CVSS6AI score0.00327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.21 views

Rocky Linux 8 : container-tools:3.0 (RLSA-2021:4222)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4222 advisory. - An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN...

5.5CVSS6AI score0.00327EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.41 views

Rocky Linux 8 : container-tools:2.0 (RLSA-2021:4221)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4221 advisory. - An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN...

5.5CVSS6AI score0.00327EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/07/10 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2023-0213)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.06975EPSS
Exploits7References47
Mageia
Mageia
added 2023/07/07 5:54 a.m.62 views

Updated skopeo/buildah/podman packages fix security vulnerability

Information disclosure flaw was found in Buildah CVE-2021-3602 podman allows forwarding hosts ports to vm from within vm CVE-2021-4024 Allows use "../" separators in containernetworking/cni to reference binaries such as 'reboot' in network configuration CVE-2021-20206 github.com/containers/storag...

8.8CVSS7.1AI score0.06975EPSS
Exploits7References45
Oracle linux
Oracle linux
added 2022/11/15 12:0 a.m.44 views

container-tools:3.0 security update

buildah 1.19.9-6 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 https://github.com/containers/buildah/commit/6d7f496 - Related: 2061390 1.19.9-5 - update to the latest content of https://github.com/containers/buildah/tree/release-1.19...

8.5CVSS8.6AI score0.06604EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.42 views

AlmaLinux 8 : container-tools:3.0 (ALSA-2021:4222)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4222 advisory. buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 Tenable has extracted the preceding description block...

5.5CVSS6.1AI score0.00327EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/05 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2022:23018-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS6.9AI score0.02209EPSS
Exploits4References2
NVD
NVD
added 2022/03/03 7:15 p.m.26 views

CVE-2021-3602

An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN commands can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment,...

5.5CVSS0.00327EPSS
Exploits0References4
CVE
CVE
added 2022/03/03 6:26 p.m.240 views

CVE-2021-3602

CVE-2021-3602 affects Buildah when building containers with chroot isolation. The flaw allows processes in container builds (e.g., RUN commands) to read environment variables from parent and grandparent processes, potentially leaking sensitive data such as registry credentials in CI/CD contexts. ...

5.5CVSS5.2AI score0.00327EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2022/03/03 6:26 p.m.49 views

CVE-2021-3602

An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN commands can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment,...

5.5CVSS5.3AI score0.00327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.22 views

Oracle Linux 8 : container-tools:3.0 (ELSA-2021-4222)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4222 advisory. - fixes CVE-2021-3602 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...

5.5CVSS6.1AI score0.00327EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2021/11/16 12:0 a.m.41 views

container-tools:2.0 security update

buildah 1.11.6-9.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-9 - update to the latest content of https://github.com/containers/buildah/tree/release-1.11-rhel...

5.5CVSS5.8AI score0.00327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.59 views

RHEL 8 : container-tools:2.0 (RHSA-2021:4221)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4221 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Host...

5.5CVSS6.2AI score0.00327EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.152 views

RHEL 8 : container-tools:3.0 (RHSA-2021:4222)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4222 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Host...

5.5CVSS6.2AI score0.00327EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.195 views

RHEL 8 : container-tools:rhel8 (RHSA-2021:4154)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4154 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah:...

7.1CVSS7.4AI score0.01587EPSS
Exploits1References60
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.57 views

CentOS 8 : container-tools:rhel8 (CESA-2021:4154)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4154 advisory. - containers/storage: DoS via malicious image CVE-2021-20291 - buildah: Host environment variables leaked in build container when using chroot isolatio...

7.1CVSS7.2AI score0.01587EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/11/09 6:43 p.m.42 views

Moderate: Red Hat Security Advisory: container-tools:2.0 security update

An update for the container-tools:2.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

5.5CVSS6.3AI score0.00327EPSS
Exploits0References3
Rows per page
Query Builder