rpm package

suse/docker&distro=SUSE Linux Enterprise Module for Containers 12

pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012

Vulnerabilities (49)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-41110	Cri	9.9	< 25.0.6_ce-98.115.1	25.0.6_ce-98.115.1	Jul 24, 2024	Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood
CVE-2024-23653		—	< 24.0.7_ce-98.106.1	24.0.7_ce-98.106.1	Jan 31, 2024	BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use th
CVE-2024-23652		—	< 24.0.7_ce-98.106.1	24.0.7_ce-98.106.1	Jan 31, 2024	BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file o
CVE-2024-23651		—	< 24.0.7_ce-98.106.1	24.0.7_ce-98.106.1	Jan 31, 2024	BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host syste
CVE-2023-28840		—	< 20.10.25_ce-98.93.1	20.10.25_ce-98.93.1	Apr 4, 2023	Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby, is commonly referred to as *Docke
CVE-2023-28841		—	< 20.10.25_ce-98.93.1	20.10.25_ce-98.93.1	Apr 4, 2023	Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docker
CVE-2023-28842		—	< 20.10.25_ce-98.93.1	20.10.25_ce-98.93.1	Apr 4, 2023	Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docke
CVE-2022-36109		—	< 20.10.23_ce-98.89.1	20.10.23_ce-98.89.1	Sep 9, 2022	Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they
CVE-2021-43565		—	< 20.10.14_ce-98.80.1	20.10.14_ce-98.80.1	Sep 6, 2022	The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
CVE-2022-31030		—	< 20.10.17_ce-98.83.1	20.10.17_ce-98.83.1	Jun 6, 2022	containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can cause containerd to consume a
CVE-2022-29162		—	< 20.10.17_ce-98.83.1	20.10.17_ce-98.83.1	May 17, 2022	runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environme
CVE-2022-24769		—	< 20.10.14_ce-98.80.1	20.10.14_ce-98.80.1	Mar 24, 2022	Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atyp
CVE-2022-27191		—	< 20.10.14_ce-98.80.1	20.10.14_ce-98.80.1	Mar 18, 2022	The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
CVE-2022-23648		—	< 20.10.14_ce-98.80.1	20.10.14_ce-98.80.1	Mar 3, 2022	containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could
CVE-2021-41190		—	< 20.10.12_ce-98.75.1	20.10.12_ce-98.75.1	Nov 17, 2021	The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat
CVE-2021-41089		—	< 20.10.9_ce-98.72.1	20.10.9_ce-98.72.1	Oct 4, 2021	Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the h
CVE-2021-41091		—	< 20.10.9_ce-98.72.1	20.10.9_ce-98.72.1	Oct 4, 2021	Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivilege
CVE-2021-41092		—	< 20.10.9_ce-98.72.1	20.10.9_ce-98.72.1	Oct 4, 2021	Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHel
CVE-2021-41103		—	< 20.10.9_ce-98.72.1	20.10.9_ce-98.72.1	Oct 4, 2021	containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to tra
CVE-2021-32760		—	< 20.10.9_ce-98.72.1	20.10.9_ce-98.72.1	Jul 19, 2021	containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions

CVE-2024-41110CriJul 24, 2024
affected < 25.0.6_ce-98.115.1fixed 25.0.6_ce-98.115.1
Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood
CVE-2024-23653Jan 31, 2024
affected < 24.0.7_ce-98.106.1fixed 24.0.7_ce-98.106.1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use th
CVE-2024-23652Jan 31, 2024
affected < 24.0.7_ce-98.106.1fixed 24.0.7_ce-98.106.1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file o
CVE-2024-23651Jan 31, 2024
affected < 24.0.7_ce-98.106.1fixed 24.0.7_ce-98.106.1
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host syste
CVE-2023-28840Apr 4, 2023
affected < 20.10.25_ce-98.93.1fixed 20.10.25_ce-98.93.1
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby, is commonly referred to as *Docke
CVE-2023-28841Apr 4, 2023
affected < 20.10.25_ce-98.93.1fixed 20.10.25_ce-98.93.1
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docker
CVE-2023-28842Apr 4, 2023
affected < 20.10.25_ce-98.93.1fixed 20.10.25_ce-98.93.1
Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as *Docke
CVE-2022-36109Sep 9, 2022
affected < 20.10.23_ce-98.89.1fixed 20.10.23_ce-98.89.1
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they
CVE-2021-43565Sep 6, 2022
affected < 20.10.14_ce-98.80.1fixed 20.10.14_ce-98.80.1
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
CVE-2022-31030Jun 6, 2022
affected < 20.10.17_ce-98.83.1fixed 20.10.17_ce-98.83.1
containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the `ExecSync` API. This can cause containerd to consume a
CVE-2022-29162May 17, 2022
affected < 20.10.17_ce-98.83.1fixed 20.10.17_ce-98.83.1
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environme
CVE-2022-24769Mar 24, 2022
affected < 20.10.14_ce-98.80.1fixed 20.10.14_ce-98.80.1
Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atyp
CVE-2022-27191Mar 18, 2022
affected < 20.10.14_ce-98.80.1fixed 20.10.14_ce-98.80.1
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
CVE-2022-23648Mar 3, 2022
affected < 20.10.14_ce-98.80.1fixed 20.10.14_ce-98.80.1
containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd’s CRI implementation on Linux with a specially-crafted image configuration could
CVE-2021-41190Nov 17, 2021
affected < 20.10.12_ce-98.75.1fixed 20.10.12_ce-98.75.1
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat
CVE-2021-41089Oct 4, 2021
affected < 20.10.9_ce-98.72.1fixed 20.10.9_ce-98.72.1
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the h
CVE-2021-41091Oct 4, 2021
affected < 20.10.9_ce-98.72.1fixed 20.10.9_ce-98.72.1
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivilege
CVE-2021-41092Oct 4, 2021
affected < 20.10.9_ce-98.72.1fixed 20.10.9_ce-98.72.1
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHel
CVE-2021-41103Oct 4, 2021
affected < 20.10.9_ce-98.72.1fixed 20.10.9_ce-98.72.1
containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to tra
CVE-2021-32760Jul 19, 2021
affected < 20.10.9_ce-98.72.1fixed 20.10.9_ce-98.72.1
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions

Page 1 of 3