RHEL 8 : proglottis_gpgme (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull CVE-2020-8945 Note that Nessus has n...

RHEL 8 : OpenShift Container Platform 4.3.12 podman (RHSA-2020:1396)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1396 advisory. The podman tool manages Pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...

RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:2992)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2992 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.11 security update

An update for atomic-openshift, atomic-openshift-web-console, and cri-o is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

RHEL 7 : podman (RHSA-2020:2117)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2117 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use contain...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.2.28 openshift-enterprise-builder-container security update

An update for openshift-enterprise-builder-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Moderate: Red Hat Security Advisory: docker security and bug fix update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 7 : docker (RHSA-2020:1234)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1234 advisory. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.3.8 openshift-clients security update

An update for openshift-clients is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1.38 skopeo security update

An update for skopeo is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2020-8945

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification...