rpm package
opensuse/apptainer&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/apptainer&distro=openSUSE%20Leap%2015.5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-3727 | Hig | 8.3 | < 1.3.0-bp155.3.3.2 | 1.3.0-bp155.3.3.2 | May 14, 2024 | A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. | |
| CVE-2023-38496 | — | < 1.3.0-bp155.3.3.2 | 1.3.0-bp155.3.3.2 | Jul 25, 2023 | Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker coul | ||
| CVE-2023-30549 | — | < 1.3.0-bp155.3.3.2 | 1.3.0-bp155.3.3.2 | Apr 25, 2023 | Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That incl |
- affected < 1.3.0-bp155.3.3.2fixed 1.3.0-bp155.3.3.2
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
- CVE-2023-38496Jul 25, 2023affected < 1.3.0-bp155.3.3.2fixed 1.3.0-bp155.3.3.2
Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker coul
- CVE-2023-30549Apr 25, 2023affected < 1.3.0-bp155.3.3.2fixed 1.3.0-bp155.3.3.2
Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That incl