VYPR

rpm package

suse/golang-github-docker-libnetwork&distro=SUSE Linux Enterprise Module for Containers 15 SP2

pkg:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Vulnerabilities (4)

  • CVE-2021-21284Feb 2, 2021
    affected < 0.7.0.1+gitr2908_55e924b8a842-4.28.3fixed 0.7.0.1+gitr2908_55e924b8a842-4.28.3

    In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesy

  • CVE-2021-21285Feb 2, 2021
    affected < 0.7.0.1+gitr2908_55e924b8a842-4.28.3fixed 0.7.0.1+gitr2908_55e924b8a842-4.28.3

    In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

  • CVE-2020-15257Dec 1, 2020
    affected < 0.7.0.1+gitr2908_55e924b8a842-4.28.3fixed 0.7.0.1+gitr2908_55e924b8a842-4.28.3

    containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified tha

  • CVE-2020-13401Jun 2, 2020
    affected < 0.7.0.1+gitr2902_153d0769a118-4.21.2fixed 0.7.0.1+gitr2902_153d0769a118-4.21.2

    An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.