VYPR

rpm package

suse/cni-plugins&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP1

pkg:rpm/suse/cni-plugins&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1

Vulnerabilities (3)

  • CVE-2021-20206Mar 26, 2021
    affected < 0.8.6-150100.3.11.1fixed 0.8.6-150100.3.11.1

    An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsew

  • CVE-2020-10749Jun 3, 2020
    affected < 0.8.6-3.6.1fixed 0.8.6-3.6.1

    A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertiseme

  • CVE-2019-18466Oct 28, 2019
    affected < 0.8.4-3.3.1fixed 0.8.4-3.3.1

    An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that,