rpm package
almalinux/libslirp-devel
pkg:rpm/almalinux/libslirp-devel
Vulnerabilities (105)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-14370 | Med | 5.3 | < 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | Sep 23, 2020 | An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container wil | |
| CVE-2020-10756 | Med | 6.5 | < 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | Jul 9, 2020 | An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of | |
| CVE-2020-14040 | Hig | 7.5 | < 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | Jun 17, 2020 | The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM o | |
| CVE-2020-10749 | Med | 6.0 | < 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | Jun 3, 2020 | A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertiseme | |
| CVE-2019-19921 | Hig | 7.0 | < 4.4.0-1.module_el8.6.0+3137+d33c3efb | 4.4.0-1.module_el8.6.0+3137+d33c3efb | Feb 12, 2020 | runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul |
- affected < 4.3.1-1.module_el8.6.0+2876+9ed4eae2fixed 4.3.1-1.module_el8.6.0+2876+9ed4eae2
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container wil
- affected < 4.3.1-1.module_el8.6.0+2876+9ed4eae2fixed 4.3.1-1.module_el8.6.0+2876+9ed4eae2
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of
- affected < 4.3.1-1.module_el8.6.0+2876+9ed4eae2fixed 4.3.1-1.module_el8.6.0+2876+9ed4eae2
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM o
- affected < 4.3.1-1.module_el8.6.0+2876+9ed4eae2fixed 4.3.1-1.module_el8.6.0+2876+9ed4eae2
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertiseme
- affected < 4.4.0-1.module_el8.6.0+3137+d33c3efbfixed 4.4.0-1.module_el8.6.0+3137+d33c3efb
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul
Page 6 of 6