Количество 13
Количество 13
GHSA-7qw8-847f-pggm
Improper Locking in github.com/containers/storage
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' ...
RLSA-2021:4154
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
ELSA-2022-7955
ELSA-2022-7955: skopeo security and bug fix update (MODERATE)
ELSA-2021-4154
ELSA-2021-4154: container-tools:ol8 security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2022:3312-1
Security update for libcontainers-common
openSUSE-SU-2022:23018-1
Security update for conmon, libcontainers-common, libseccomp, podman
SUSE-SU-2022:23018-1
Security update for conmon, libcontainers-common, libseccomp, podman
ELSA-2022-8008
ELSA-2022-8008: buildah security and bug fix update (MODERATE)
ELSA-2022-7954
ELSA-2022-7954: podman security and bug fix update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-7qw8-847f-pggm Improper Locking in github.com/containers/storage | CVSS3: 6.5 | 0% Низкий | около 4 лет назад |
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 0% Низкий | около 4 лет назад |
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 0% Низкий | около 4 лет назад |
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 0% Низкий | около 4 лет назад |
| CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' ... | CVSS3: 6.5 | 0% Низкий | около 4 лет назад |
 | RLSA-2021:4154 Moderate: container-tools:rhel8 security, bug fix, and enhancement update | больше 3 лет назад | ||
| ELSA-2022-7955 ELSA-2022-7955: skopeo security and bug fix update (MODERATE) | больше 2 лет назад | ||
| ELSA-2021-4154 ELSA-2021-4154: container-tools:ol8 security, bug fix, and enhancement update (MODERATE) | больше 3 лет назад | ||
 | SUSE-SU-2022:3312-1 Security update for libcontainers-common | почти 3 года назад | ||
| openSUSE-SU-2022:23018-1 Security update for conmon, libcontainers-common, libseccomp, podman | больше 3 лет назад | ||
| SUSE-SU-2022:23018-1 Security update for conmon, libcontainers-common, libseccomp, podman | больше 3 лет назад | ||
| ELSA-2022-8008 ELSA-2022-8008: buildah security and bug fix update (MODERATE) | больше 2 лет назад | ||
| ELSA-2022-7954 ELSA-2022-7954: podman security and bug fix update (MODERATE) | больше 2 лет назад |
Уязвимостей на страницу