VYPR

rpm package

opensuse/podman&distro=openSUSE Leap Micro 5.4

pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%20Micro%205.4

Vulnerabilities (3)

  • CVE-2024-3727HigMay 14, 2024
    affected < 4.9.5-150400.4.27.1fixed 4.9.5-150400.4.27.1

    A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

  • CVE-2024-1753HigMar 18, 2024
    affected < 4.4.4-150400.4.22.1fixed 4.4.4-150400.4.22.1

    A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause t

  • CVE-2024-24786HigMar 5, 2024
    affected < 4.9.5-150400.4.27.1fixed 4.9.5-150400.4.27.1

    The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.