Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2021-41190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification versi...

5CVSS6.8AI score0.02085EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 8 : cri-o (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull CVE-2020-8945 - The OCI...

7.5CVSS7.3AI score0.05071EPSS
Exploits1References2
Amazon
Amazon
added 2023/11/16 12:0 a.m.4 views

Medium: containerd

Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...

5CVSS6.9AI score0.02085EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/02/16 12:0 a.m.54 views

Rocky Linux 8 : container-tools:rhel8 (RLSA-2022:7457)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7457 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 whe...

7.8CVSS7.5AI score0.03931EPSS
Exploits2References59
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.39 views

SUSE SLES15 Security Update : podman (SUSE-SU-2023:0326-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0326-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container inspect commands...

7.5CVSS6.5AI score0.02085EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
added 2023/01/28 12:0 a.m.2276 views

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2023:0187-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0187-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container...

7.5CVSS6.5AI score0.02085EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.96 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2022:7457)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7457 advisory. golang: net/http/httputil: panic due to racy read of persistConn after handler panic CVE-2021-36221 cri-o: memory exhaustion on the node when access to th...

7.8CVSS7.4AI score0.03931EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2022/11/04 12:0 a.m.30 views

EulerOS 2.0 SP5 : docker-engine (EulerOS-SA-2022-2706)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distributi...

5CVSS6.9AI score0.02085EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.41 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2240)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

7.8CVSS7.3AI score0.02693EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.41 views

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2022-2218)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

7.5CVSS7.2AI score0.02693EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.46 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2253)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

7.8CVSS7.3AI score0.02693EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2022/02/05 12:0 a.m.76 views

SUSE SLES15: containerd / docker / docker-bash-completion / etc (SUSE-SU-2022:0334-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0334-1 advisory. - CVE-2021-41089: Fixed 'cp' can chmod host files bsc1191015. - CVE-2021-41091: Fixed flaw that could lead to data directory...

7.8CVSS6.8AI score0.02693EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2021/12/05 12:0 a.m.31 views

openSUSE 15 Security Update : singularity (openSUSE-SU-2021:1525-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1525-1 advisory. - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution...

5CVSS6.9AI score0.02085EPSS
Exploits0References4
OSV
OSV
added 2021/12/02 4:49 p.m.12 views

MGASA-2021-0531 Updated docker-containerd packages fix security vulnerability

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

5CVSS6.2AI score0.02085EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/11/19 3:20 p.m.60 views

CVE-2021-41190

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manifest or an index. ...

5CVSS6.1AI score0.02085EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2021/11/18 12:0 a.m.78 views

Amazon Linux AMI : containerd, docker (ALAS-2021-1551)

The version of containerd installed on the remote host is prior to 1.4.6-7.11. The version of docker installed on the remote host is prior to 20.10.7-5.76. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1551 advisory. In the OCI Distribution Specification version 1.0...

5CVSS6.9AI score0.02085EPSS
Exploits0References3
NVD
NVD
added 2021/11/17 8:15 p.m.25 views

CVE-2021-41190

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

5CVSS0.02085EPSS
Exploits0References11
OSV
OSV
added 2021/11/17 8:15 p.m.34 views

CVE-2021-41190

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

5CVSS5AI score
Exploits0References11
Prion
Prion
added 2021/11/17 8:15 p.m.32 views

Design/Logic Flaw

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...

4CVSS5.1AI score0.02085EPSS
Exploits0References11Affected Software3
CVE
CVE
added 2021/11/17 7:20 p.m.267 views

CVE-2021-41190

CVE-2021-41190 affects Buildah (and related OCI tooling) with versions less than 1.41.4-2. Root cause: OCI Distribution Specification prior to 1.0.1 allowed ambiguity when documents contain both manifests and layers or config without a consistent Content-Type header; the mediaType in manifests/in...

5CVSS5.7AI score0.02085EPSS
Exploits0References11Affected Software2
Rows per page
Query Builder