rpm package
suse/libseccomp&distro=SUSE Linux Enterprise Micro 5.1
pkg:rpm/suse/libseccomp&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3602 | — | < 2.5.3-150300.10.5.1 | 2.5.3-150300.10.5.1 | Mar 3, 2022 | An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD en | ||
| CVE-2021-4024 | — | < 2.5.3-150300.10.5.1 | 2.5.3-150300.10.5.1 | Dec 23, 2021 | A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is op | ||
| CVE-2021-41190 | — | < 2.5.3-150300.10.5.1 | 2.5.3-150300.10.5.1 | Nov 17, 2021 | The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat | ||
| CVE-2021-20291 | — | < 2.5.3-150300.10.5.1 | 2.5.3-150300.10.5.1 | Apr 1, 2021 | A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation wh | ||
| CVE-2021-20199 | — | < 2.5.3-150300.10.5.1 | 2.5.3-150300.10.5.1 | Feb 2, 2021 | Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podma | ||
| CVE-2020-15157 | — | < 2.5.3-150300.10.5.1 | 2.5.3-150300.10.5.1 | Oct 16, 2020 | In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise | ||
| CVE-2020-14370 | — | < 2.5.3-150300.10.5.1 | 2.5.3-150300.10.5.1 | Sep 23, 2020 | An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container wil |
- CVE-2021-3602Mar 3, 2022affected < 2.5.3-150300.10.5.1fixed 2.5.3-150300.10.5.1
An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD en
- CVE-2021-4024Dec 23, 2021affected < 2.5.3-150300.10.5.1fixed 2.5.3-150300.10.5.1
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is op
- CVE-2021-41190Nov 17, 2021affected < 2.5.3-150300.10.5.1fixed 2.5.3-150300.10.5.1
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat
- CVE-2021-20291Apr 1, 2021affected < 2.5.3-150300.10.5.1fixed 2.5.3-150300.10.5.1
A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation wh
- CVE-2021-20199Feb 2, 2021affected < 2.5.3-150300.10.5.1fixed 2.5.3-150300.10.5.1
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podma
- CVE-2020-15157Oct 16, 2020affected < 2.5.3-150300.10.5.1fixed 2.5.3-150300.10.5.1
In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise
- CVE-2020-14370Sep 23, 2020affected < 2.5.3-150300.10.5.1fixed 2.5.3-150300.10.5.1
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container wil