VYPR

rpm package

almalinux/buildah

pkg:rpm/almalinux/buildah

Vulnerabilities (106)

  • CVE-2021-33198HigAug 2, 2021
    affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9

    In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method.

  • CVE-2021-33197MedAug 2, 2021
    affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9

    In Go before 1.15.13 and 1.16.x before 1.16.5, some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers.

  • CVE-2021-33195HigAug 2, 2021
    affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9

    Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format.

  • CVE-2021-20291MedApr 1, 2021
    affected < 1:1.27.0-2.el9fixed 1:1.27.0-2.el9

    A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation wh

  • CVE-2021-20188HigFeb 11, 2021
    affected < 1.5-8.gite94b4f9.module_el8.5.0+119+9a9ec082fixed 1.5-8.gite94b4f9.module_el8.5.0+119+9a9ec082

    A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root use

  • CVE-2019-19921HigFeb 12, 2020
    affected < 1:1.24.6-7.module_el8.9.0+3627+db8ec155fixed 1:1.24.6-7.module_el8.9.0+3627+db8ec155

    runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul

Page 6 of 6