Количество 55
Количество 55
CVE-2019-9946
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0.
CVE-2019-9946
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...
openSUSE-SU-2021:0310-1
Security update for buildah, libcontainers-common, podman
openSUSE-SU-2020:2106-1
Security update for buildah
SUSE-SU-2020:3423-1
Security update for buildah
openSUSE-SU-2022:0770-1
Security update for buildah
SUSE-SU-2022:0770-1
Security update for buildah
CVE-2019-14378
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
CVE-2019-14378
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
CVE-2019-14378
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
CVE-2019-14378
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overf ...
GHSA-6g96-g4m6-hw69
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0.
openSUSE-SU-2020:0554-1
Security update for kubernetes
ELSA-2019-4593
ELSA-2019-4593: kubernetes kubeadm-upgrade kubeadm-ha-setup security update (IMPORTANT)
GHSA-qvqc-h5c8-h785
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
BDU:2019-03648
Уязвимость функции ip_reass из ip_input.c библиотеки TCP-IP эмулятора Libslirp, позволяющая нарушителю получить несанкционированный доступ к информации, вызвать отказ в обслуживании или оказать воздействие на доступность информации
ELSA-2020-0366
ELSA-2020-0366: qemu-kvm security, bug fix, and enhancement update (IMPORTANT)
openSUSE-SU-2019:2059-1
Security update for qemu
SUSE-SU-2019:2353-1
Security update for qemu
SUSE-SU-2019:2246-1
Security update for qemu
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-9946 Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0. | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
| CVE-2019-9946 Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ... | CVSS3: 7.5 | 0% Низкий | около 6 лет назад |
 | openSUSE-SU-2021:0310-1 Security update for buildah, libcontainers-common, podman | больше 4 лет назад | ||
| openSUSE-SU-2020:2106-1 Security update for buildah | больше 4 лет назад | ||
| SUSE-SU-2020:3423-1 Security update for buildah | больше 4 лет назад | ||
| openSUSE-SU-2022:0770-1 Security update for buildah | больше 3 лет назад | ||
| SUSE-SU-2022:0770-1 Security update for buildah | больше 3 лет назад | ||
 | CVE-2019-14378 ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. | CVSS3: 8.8 | 7% Низкий | почти 6 лет назад |
 | CVE-2019-14378 ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. | CVSS3: 7 | 7% Низкий | почти 6 лет назад |
| CVE-2019-14378 ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. | CVSS3: 8.8 | 7% Низкий | почти 6 лет назад |
| CVE-2019-14378 ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overf ... | CVSS3: 8.8 | 7% Низкий | почти 6 лет назад |
| GHSA-6g96-g4m6-hw69 Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0. | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| openSUSE-SU-2020:0554-1 Security update for kubernetes | около 5 лет назад | ||
| ELSA-2019-4593 ELSA-2019-4593: kubernetes kubeadm-upgrade kubeadm-ha-setup security update (IMPORTANT) | около 6 лет назад | ||
| GHSA-qvqc-h5c8-h785 ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. | 7% Низкий | около 3 лет назад | |
 | BDU:2019-03648 Уязвимость функции ip_reass из ip_input.c библиотеки TCP-IP эмулятора Libslirp, позволяющая нарушителю получить несанкционированный доступ к информации, вызвать отказ в обслуживании или оказать воздействие на доступность информации | CVSS3: 8.8 | 7% Низкий | почти 6 лет назад |
| ELSA-2020-0366 ELSA-2020-0366: qemu-kvm security, bug fix, and enhancement update (IMPORTANT) | больше 5 лет назад | ||
| openSUSE-SU-2019:2059-1 Security update for qemu | почти 6 лет назад | ||
| SUSE-SU-2019:2353-1 Security update for qemu | почти 6 лет назад | ||
| SUSE-SU-2019:2246-1 Security update for qemu | почти 6 лет назад |
Уязвимостей на страницу