Количество 30
Количество 30
ELSA-2022-7955
ELSA-2022-7955: skopeo security and bug fix update (MODERATE)
ELSA-2022-8008
ELSA-2022-8008: buildah security and bug fix update (MODERATE)
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' ...
CVE-2021-33198
In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.
CVE-2021-33198
In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.
CVE-2021-33198
In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.
CVE-2021-33198
CVE-2021-33198
In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic fo ...
GHSA-7qw8-847f-pggm
Improper Locking in github.com/containers/storage
GHSA-q2pw-fq43-w78v
Go before 1.15.12 and 1.16.x before 1.16.5 attempts to allocate excessive memory (issue 2 of 2).
BDU:2022-00723
Уязвимость компонента math/big.Rat и метода unmarshaltext языка программирования Go, позволяющая нарушителю вызвать аварийный сбой и перезапуск устройства
RLSA-2021:4154
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
ELSA-2021-4154
ELSA-2021-4154: container-tools:ol8 security, bug fix, and enhancement update (MODERATE)
RLSA-2024:10289
Moderate: container-tools:rhel8 security update
ELSA-2024-10289
ELSA-2024-10289: container-tools:ol8 security update (MODERATE)
openSUSE-SU-2021:2214-1
Security update for go1.15
openSUSE-SU-2021:2186-1
Security update for go1.16
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2022-7955 ELSA-2022-7955: skopeo security and bug fix update (MODERATE) | около 3 лет назад | ||
| ELSA-2022-8008 ELSA-2022-8008: buildah security and bug fix update (MODERATE) | около 3 лет назад | ||
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 1% Низкий | больше 4 лет назад |
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 1% Низкий | больше 4 лет назад |
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 1% Низкий | больше 4 лет назад |
| CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' ... | CVSS3: 6.5 | 1% Низкий | больше 4 лет назад |
| CVE-2021-33198 In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-33198 In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. | CVSS3: 7.5 | 0% Низкий | почти 5 лет назад |
| CVE-2021-33198 In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | CVSS3: 7.5 | 0% Низкий | больше 1 года назад | |
| CVE-2021-33198 In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic fo ... | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
| GHSA-7qw8-847f-pggm Improper Locking in github.com/containers/storage | CVSS3: 6.5 | 1% Низкий | больше 4 лет назад |
| GHSA-q2pw-fq43-w78v Go before 1.15.12 and 1.16.x before 1.16.5 attempts to allocate excessive memory (issue 2 of 2). | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
 | BDU:2022-00723 Уязвимость компонента math/big.Rat и метода unmarshaltext языка программирования Go, позволяющая нарушителю вызвать аварийный сбой и перезапуск устройства | CVSS3: 7.5 | 0% Низкий | больше 4 лет назад |
 | RLSA-2021:4154 Moderate: container-tools:rhel8 security, bug fix, and enhancement update | около 4 лет назад | ||
| ELSA-2021-4154 ELSA-2021-4154: container-tools:ol8 security, bug fix, and enhancement update (MODERATE) | около 4 лет назад | ||
| RLSA-2024:10289 Moderate: container-tools:rhel8 security update | 12 месяцев назад | ||
| ELSA-2024-10289 ELSA-2024-10289: container-tools:ol8 security update (MODERATE) | около 1 года назад | ||
 | openSUSE-SU-2021:2214-1 Security update for go1.15 | больше 4 лет назад | ||
| openSUSE-SU-2021:2186-1 Security update for go1.16 | больше 4 лет назад |
Уязвимостей на страницу