rpm package
suse/cni&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
pkg:rpm/suse/cni&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-1753 | Hig | 8.6 | < 0.7.1-150100.3.18.1 | 0.7.1-150100.3.18.1 | Mar 18, 2024 | A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause t | |
| CVE-2021-20206 | — | < 0.7.1-150100.3.8.1 | 0.7.1-150100.3.8.1 | Mar 26, 2021 | An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsew |
- affected < 0.7.1-150100.3.18.1fixed 0.7.1-150100.3.18.1
A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause t
- CVE-2021-20206Mar 26, 2021affected < 0.7.1-150100.3.8.1fixed 0.7.1-150100.3.8.1
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsew