rpm package
almalinux/udica
pkg:rpm/almalinux/udica
Vulnerabilities (103)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-1726 | — | < 0.2.1-2.module_el8.5.0+108+00865455 | 0.2.1-2.module_el8.5.0+108+00865455 | Feb 11, 2020 | A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used | ||
| CVE-2020-8608 | — | < 0.2.1-2.module_el8.5.0+108+00865455 | 0.2.1-2.module_el8.5.0+108+00865455 | Feb 6, 2020 | In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | ||
| CVE-2020-7039 | — | < 0.2.1-2.module_el8.5.0+108+00865455 | 0.2.1-2.module_el8.5.0+108+00865455 | Jan 16, 2020 | tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. |
- CVE-2020-1726Feb 11, 2020affected < 0.2.1-2.module_el8.5.0+108+00865455fixed 0.2.1-2.module_el8.5.0+108+00865455
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used
- CVE-2020-8608Feb 6, 2020affected < 0.2.1-2.module_el8.5.0+108+00865455fixed 0.2.1-2.module_el8.5.0+108+00865455
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
- CVE-2020-7039Jan 16, 2020affected < 0.2.1-2.module_el8.5.0+108+00865455fixed 0.2.1-2.module_el8.5.0+108+00865455
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
Page 6 of 6