rpm package
opensuse/squashfuse&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/squashfuse&distro=openSUSE%20Leap%2015.5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-3727 | Hig | 8.3 | < 0.5.0-bp155.2.1 | 0.5.0-bp155.2.1 | May 14, 2024 | A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. | |
| CVE-2023-38496 | — | < 0.5.0-bp155.2.1 | 0.5.0-bp155.2.1 | Jul 25, 2023 | Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker coul | ||
| CVE-2023-30549 | — | < 0.5.0-bp155.2.1 | 0.5.0-bp155.2.1 | Apr 25, 2023 | Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That incl |
- affected < 0.5.0-bp155.2.1fixed 0.5.0-bp155.2.1
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
- CVE-2023-38496Jul 25, 2023affected < 0.5.0-bp155.2.1fixed 0.5.0-bp155.2.1
Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker coul
- CVE-2023-30549Apr 25, 2023affected < 0.5.0-bp155.2.1fixed 0.5.0-bp155.2.1
Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That incl