Unrated severityNVD Advisory· Published May 27, 2021· Updated Aug 4, 2024
CVE-2020-1702
CVE-2020-1702
Description
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- containers-image/containers-imagedescription
- Range: <5.2.0
- osv-coords7 versionspkg:rpm/almalinux/critpkg:rpm/almalinux/criupkg:rpm/almalinux/python3-criupkg:rpm/almalinux/python-podman-apipkg:rpm/almalinux/slirp4netnspkg:rpm/almalinux/toolboxpkg:rpm/almalinux/udica
< 3.12-9.module_el8.3.0+2044+12421f43+ 6 more
- (no CPE)range: < 3.12-9.module_el8.3.0+2044+12421f43
- (no CPE)range: < 3.12-9.module_el8.4.0+2496+12421f43
- (no CPE)range: < 3.12-9.module_el8.3.0+2044+12421f43
- (no CPE)range: < 1.2.0-0.2.gitd0a45fe.module_el8.5.0+2635+e4386a39
- (no CPE)range: < 0.4.2-3.git21fdece.module_el8.5.0+2635+e4386a39
- (no CPE)range: < 0.0.7-1.module_el8.5.0+108+00865455
- (no CPE)range: < 0.2.1-2.module_el8.5.0+108+00865455
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.