VYPR

rpm package

opensuse/podman&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/podman&distro=openSUSE%20Tumbleweed

Vulnerabilities (29)

  • CVE-2021-4024Dec 23, 2021
    affected < 3.4.4-1.1fixed 3.4.4-1.1

    A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is op

  • CVE-2021-41190Nov 17, 2021
    affected < 3.4.4-1.1fixed 3.4.4-1.1

    The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat

  • CVE-2021-20206Mar 26, 2021
    affected < 4.2.0-2.1fixed 4.2.0-2.1

    An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsew

  • CVE-2021-20199Feb 2, 2021
    affected < 3.3.1-2.1fixed 3.3.1-2.1

    Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podma

  • CVE-2020-14370Sep 23, 2020
    affected < 3.3.1-2.1fixed 3.3.1-2.1

    An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container wil

  • CVE-2020-1726Feb 11, 2020
    affected < 3.3.1-2.1fixed 3.3.1-2.1

    A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used

  • CVE-2019-10214Nov 25, 2019
    affected < 3.3.1-2.1fixed 3.3.1-2.1

    The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulne

  • CVE-2019-10152Jul 30, 2019
    affected < 3.3.1-2.1fixed 3.3.1-2.1

    A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator trie

  • CVE-2018-10856MedJul 3, 2018
    affected < 3.3.1-2.1fixed 3.3.1-2.1

    It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.

Page 2 of 2