rpm package
almalinux/cockpit-podman
pkg:rpm/almalinux/cockpit-podman
Vulnerabilities (104)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-9675 | Hig | 7.8 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | Oct 9, 2024 | A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as lo | |
| CVE-2024-9407 | Med | 4.7 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | Oct 1, 2024 | A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensi | |
| CVE-2024-9341 | Med | 5.4 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | Oct 1, 2024 | A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting se | |
| CVE-2024-34158 | Hig | 7.5 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | Sep 6, 2024 | Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. | |
| CVE-2024-34156 | Hig | 7.5 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | Sep 6, 2024 | Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. | |
| CVE-2024-34155 | Med | 4.3 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | Sep 6, 2024 | Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. | |
| CVE-2024-24791 | Hig | 7.5 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | Jul 2, 2024 | The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the co | |
| CVE-2024-37298 | Hig | 7.5 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | Jul 1, 2024 | gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality | |
| CVE-2024-6104 | Med | 6.0 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | Jun 24, 2024 | go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. | |
| CVE-2024-24789 | Med | 5.5 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | Jun 5, 2024 | The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip pac | |
| CVE-2024-3727 | Hig | 8.3 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | May 14, 2024 | A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. | |
| CVE-2024-24788 | Med | 5.9 | < 84.1-1.module_el8.10.0+3876+e55593a8 | 84.1-1.module_el8.10.0+3876+e55593a8 | May 8, 2024 | A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. | |
| CVE-2024-1394 | Hig | 7.5 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | Mar 21, 2024 | A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and | |
| CVE-2024-1753 | Hig | 8.6 | < 46-1.module_el8.7.0+3344+5bcd850f | 46-1.module_el8.7.0+3344+5bcd850f | Mar 18, 2024 | A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause t | |
| CVE-2024-28180 | Med | 4.3 | < 84.1-1.module_el8.10.0+3792+03eaed9c | 84.1-1.module_el8.10.0+3792+03eaed9c | Mar 9, 2024 | Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now ret | |
| CVE-2024-28176 | Med | 4.9 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | Mar 9, 2024 | jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encrypt | |
| CVE-2024-24786 | Hig | 7.5 | < 84.1-1.module_el8.10.0+3792+03eaed9c | 84.1-1.module_el8.10.0+3792+03eaed9c | Mar 5, 2024 | The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. | |
| CVE-2024-24785 | Med | 5.4 | < 84.1-1.module_el8.10.0+4102+6c76e544 | 84.1-1.module_el8.10.0+4102+6c76e544 | Mar 5, 2024 | If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. | |
| CVE-2024-24784 | Hig | 7.5 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | Mar 5, 2024 | The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers. | |
| CVE-2024-24783 | Med | 5.9 | < 84.1-1.module_el8.10.0+3858+6ad51f9f | 84.1-1.module_el8.10.0+3858+6ad51f9f | Mar 5, 2024 | Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The defaul |
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as lo
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensi
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting se
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the co
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip pac
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
- affected < 84.1-1.module_el8.10.0+3876+e55593a8fixed 84.1-1.module_el8.10.0+3876+e55593a8
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and
- affected < 46-1.module_el8.7.0+3344+5bcd850ffixed 46-1.module_el8.7.0+3344+5bcd850f
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause t
- affected < 84.1-1.module_el8.10.0+3792+03eaed9cfixed 84.1-1.module_el8.10.0+3792+03eaed9c
Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now ret
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encrypt
- affected < 84.1-1.module_el8.10.0+3792+03eaed9cfixed 84.1-1.module_el8.10.0+3792+03eaed9c
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
- affected < 84.1-1.module_el8.10.0+4102+6c76e544fixed 84.1-1.module_el8.10.0+4102+6c76e544
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.
- affected < 84.1-1.module_el8.10.0+3858+6ad51f9ffixed 84.1-1.module_el8.10.0+3858+6ad51f9f
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The defaul
Page 2 of 6