rpm package
opensuse/umoci&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/umoci&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-41190 | — | < 0.5.0-1.1 | 0.5.0-1.1 | Nov 17, 2021 | The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat | ||
| CVE-2021-29136 | — | < 0.4.7-2.3 | 0.4.7-2.3 | Apr 6, 2021 | Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used. |
- CVE-2021-41190Nov 17, 2021affected < 0.5.0-1.1fixed 0.5.0-1.1
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat
- CVE-2021-29136Apr 6, 2021affected < 0.4.7-2.3fixed 0.4.7-2.3
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used.