rpm package
suse/golang-github-docker-libnetwork&distro=SUSE Linux Enterprise Module for Containers 15 SP2
pkg:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21284 | — | < 0.7.0.1+gitr2908_55e924b8a842-4.28.3 | 0.7.0.1+gitr2908_55e924b8a842-4.28.3 | Feb 2, 2021 | In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesy | ||
| CVE-2021-21285 | — | < 0.7.0.1+gitr2908_55e924b8a842-4.28.3 | 0.7.0.1+gitr2908_55e924b8a842-4.28.3 | Feb 2, 2021 | In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing. | ||
| CVE-2020-15257 | — | < 0.7.0.1+gitr2908_55e924b8a842-4.28.3 | 0.7.0.1+gitr2908_55e924b8a842-4.28.3 | Dec 1, 2020 | containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified tha | ||
| CVE-2020-13401 | — | < 0.7.0.1+gitr2902_153d0769a118-4.21.2 | 0.7.0.1+gitr2902_153d0769a118-4.21.2 | Jun 2, 2020 | An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service. |
- CVE-2021-21284Feb 2, 2021affected < 0.7.0.1+gitr2908_55e924b8a842-4.28.3fixed 0.7.0.1+gitr2908_55e924b8a842-4.28.3
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesy
- CVE-2021-21285Feb 2, 2021affected < 0.7.0.1+gitr2908_55e924b8a842-4.28.3fixed 0.7.0.1+gitr2908_55e924b8a842-4.28.3
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.
- CVE-2020-15257Dec 1, 2020affected < 0.7.0.1+gitr2908_55e924b8a842-4.28.3fixed 0.7.0.1+gitr2908_55e924b8a842-4.28.3
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified tha
- CVE-2020-13401Jun 2, 2020affected < 0.7.0.1+gitr2902_153d0769a118-4.21.2fixed 0.7.0.1+gitr2902_153d0769a118-4.21.2
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.