8 matches found
Fedora 37 : golang-github-containerd-imgcrypt (2022-cfe50b5ebb)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-cfe50b5ebb advisory. Automatic update for golang-github-containerd-imgcrypt-1.1.4-1.fc37. Changelog Sat Apr 2 2022 Maxwell G 1.1.4-1 - Update to 1.1.4 rhbz2068719...
Security Bulletin: IBM Concert is vulnerable to multiple issues due to Cloud Pak Openshift
Summary IBM Concert Software uses multiple open source libraries from Cloud Pak Openshift which are susceptible to various security vulnerabilities. Vulnerability Details CVEID:CVE-2020-12912 DESCRIPTION: AMD Energy Driver for Linux could allow a local attacker to obtain sensitive information,...
USN-5776-1: containerd vulnerabilities
It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote attacker could possibly use this issue to cause a denial of service or crash containerd. CVE-2022-23471, CVE-2022-31030 It was discovered that containerd incorrectly set ...
Fedora: Security Advisory for golang-github-containerd-imgcrypt (FEDORA-2022-de0f8beeb0)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-24778
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778 Incorrect Authorization in imgcrypt
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778
CVE-2022-24778 affects imgcrypt used with containerd. In versions prior to 1.1.4, a flaw in the CheckAuthorization path could allow running an image from a ManifestList on a host where the local architecture isn’t first in the list, potentially enabling access to encrypted images without proper k...
CVE-2022-24778 Incorrect Authorization in imgcrypt
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...