rpm package
almalinux/buildah
pkg:rpm/almalinux/buildah
Vulnerabilities (106)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-33198 | Hig | 7.5 | < 1:1.27.0-2.el9 | 1:1.27.0-2.el9 | Aug 2, 2021 | In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. | |
| CVE-2021-33197 | Med | 5.3 | < 1:1.27.0-2.el9 | 1:1.27.0-2.el9 | Aug 2, 2021 | In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers. | |
| CVE-2021-33195 | Hig | 7.3 | < 1:1.27.0-2.el9 | 1:1.27.0-2.el9 | Aug 2, 2021 | Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format. | |
| CVE-2021-20291 | Med | 6.5 | < 1:1.27.0-2.el9 | 1:1.27.0-2.el9 | Apr 1, 2021 | A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation wh | |
| CVE-2021-20188 | Hig | 7.0 | < 1.5-8.gite94b4f9.module_el8.5.0+119+9a9ec082 | 1.5-8.gite94b4f9.module_el8.5.0+119+9a9ec082 | Feb 11, 2021 | A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root use | |
| CVE-2019-19921 | Hig | 7.0 | < 1:1.24.6-7.module_el8.9.0+3627+db8ec155 | 1:1.24.6-7.module_el8.9.0+3627+db8ec155 | Feb 12, 2020 | runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul |
- affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9
In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.
- affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9
In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers.
- affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9
Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.
- affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation wh
- affected < 1.5-8.gite94b4f9.module_el8.5.0+119+9a9ec082fixed 1.5-8.gite94b4f9.module_el8.5.0+119+9a9ec082
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root use
- affected < 1:1.24.6-7.module_el8.9.0+3627+db8ec155fixed 1:1.24.6-7.module_el8.9.0+3627+db8ec155
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul
Page 6 of 6