AZL-9853 CVE-2022-1664 affecting package dpkg for versions less than 1.20.10-1

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction ca...

PT-2019-5507 · Red Hat · Openshift

Name of the Vulnerable Software and Affected Versions: OpenShift versions 4.1 up to 4.3 OpenShift builds affected versions not specified, but includes versions that extract source from a container image Description: The issue is related to a lack of code integrity verification, allowing for...