Количество 49
Количество 49
RLSA-2024:9051
Important: podman security update
ELSA-2024-9051
ELSA-2024-9051: podman security update (IMPORTANT)
SUSE-SU-2024:4303-1
Security update for buildah
SUSE-SU-2024:3988-1
Security update for buildah
SUSE-SU-2025:0267-1
Security update for podman
ELSA-2024-9459
ELSA-2024-9459: buildah security update (IMPORTANT)
ELSA-2024-9454
ELSA-2024-9454: podman security update (IMPORTANT)
SUSE-SU-2025:0775-1
Security update for podman
SUSE-SU-2024:3741-1
Security update for podman
CVE-2024-9676
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
CVE-2024-9676
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
CVE-2024-9676
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
CVE-2024-9676
CVE-2024-9676
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink tra ...
RLSA-2024:8846
Important: container-tools:rhel8 security update
ELSA-2024-8846
ELSA-2024-8846: container-tools:ol8 security update (IMPORTANT)
SUSE-SU-2024:3754-1
Security update for buildah
SUSE-SU-2024:3753-1
Security update for podman
GHSA-wq2p-5pc6-wpgf
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
BDU:2024-09457
Уязвимость программного средства управления и запуска OCI-контейнеров Podman, связанная с неправильным ограничением имени пути к ограниченному каталогу, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | RLSA-2024:9051 Important: podman security update | около 1 года назад | ||
| ELSA-2024-9051 ELSA-2024-9051: podman security update (IMPORTANT) | около 1 года назад | ||
 | SUSE-SU-2024:4303-1 Security update for buildah | около 1 года назад | ||
| SUSE-SU-2024:3988-1 Security update for buildah | около 1 года назад | ||
| SUSE-SU-2025:0267-1 Security update for podman | около 1 года назад | ||
| ELSA-2024-9459 ELSA-2024-9459: buildah security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-9454 ELSA-2024-9454: podman security update (IMPORTANT) | около 1 года назад | ||
| SUSE-SU-2025:0775-1 Security update for podman | 11 месяцев назад | ||
| SUSE-SU-2024:3741-1 Security update for podman | больше 1 года назад | ||
 | CVE-2024-9676 A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. | CVSS3: 6.5 | 1% Низкий | больше 1 года назад |
 | CVE-2024-9676 A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. | CVSS3: 6.5 | 1% Низкий | больше 1 года назад |
 | CVE-2024-9676 A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. | CVSS3: 6.5 | 1% Низкий | больше 1 года назад |
 | CVSS3: 6.5 | 1% Низкий | около 1 года назад | |
| CVE-2024-9676 A vulnerability was found in Podman, Buildah, and CRI-O. A symlink tra ... | CVSS3: 6.5 | 1% Низкий | больше 1 года назад |
| RLSA-2024:8846 Important: container-tools:rhel8 security update | около 1 года назад | ||
| ELSA-2024-8846 ELSA-2024-8846: container-tools:ol8 security update (IMPORTANT) | больше 1 года назад | ||
| SUSE-SU-2024:3754-1 Security update for buildah | 1% Низкий | больше 1 года назад | |
| SUSE-SU-2024:3753-1 Security update for podman | 1% Низкий | больше 1 года назад | |
| GHSA-wq2p-5pc6-wpgf A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host. | CVSS3: 6.5 | 1% Низкий | больше 1 года назад |
 | BDU:2024-09457 Уязвимость программного средства управления и запуска OCI-контейнеров Podman, связанная с неправильным ограничением имени пути к ограниченному каталогу, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 6.5 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу