Количество 13
Количество 13
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
CVE-2021-20291
A deadlock vulnerability was found in 'github.com/containers/storage' ...
GHSA-7qw8-847f-pggm
Improper Locking in github.com/containers/storage
RLSA-2021:4154
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
ELSA-2022-7955
ELSA-2022-7955: skopeo security and bug fix update (MODERATE)
ELSA-2021-4154
ELSA-2021-4154: container-tools:ol8 security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2022:3312-1
Security update for libcontainers-common
openSUSE-SU-2022:23018-1
Security update for conmon, libcontainers-common, libseccomp, podman
SUSE-SU-2022:23018-1
Security update for conmon, libcontainers-common, libseccomp, podman
ELSA-2022-8008
ELSA-2022-8008: buildah security and bug fix update (MODERATE)
ELSA-2022-7954
ELSA-2022-7954: podman security and bug fix update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS). | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' ... | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| GHSA-7qw8-847f-pggm Improper Locking in github.com/containers/storage | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
 | RLSA-2021:4154 Moderate: container-tools:rhel8 security, bug fix, and enhancement update | почти 4 года назад | ||
| ELSA-2022-7955 ELSA-2022-7955: skopeo security and bug fix update (MODERATE) | почти 3 года назад | ||
| ELSA-2021-4154 ELSA-2021-4154: container-tools:ol8 security, bug fix, and enhancement update (MODERATE) | почти 4 года назад | ||
 | SUSE-SU-2022:3312-1 Security update for libcontainers-common | около 3 лет назад | ||
| openSUSE-SU-2022:23018-1 Security update for conmon, libcontainers-common, libseccomp, podman | больше 3 лет назад | ||
| SUSE-SU-2022:23018-1 Security update for conmon, libcontainers-common, libseccomp, podman | больше 3 лет назад | ||
| ELSA-2022-8008 ELSA-2022-8008: buildah security and bug fix update (MODERATE) | почти 3 года назад | ||
| ELSA-2022-7954 ELSA-2022-7954: podman security and bug fix update (MODERATE) | почти 3 года назад |
Уязвимостей на страницу