rpm package
suse/rubygem-excon&distro=SUSE Linux Enterprise Module for Containers 12
pkg:rpm/suse/rubygem-excon&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2012
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-16779 | — | < 0.52.0-12.3.8 | 0.52.0-12.3.8 | Dec 16, 2019 | In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. Th | ||
| CVE-2016-8867 | Hig | 7.5 | < 0.52.0-9.1 | 0.52.0-9.1 | Oct 28, 2016 | Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes. |
- CVE-2019-16779Dec 16, 2019affected < 0.52.0-12.3.8fixed 0.52.0-12.3.8
In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. Th
- affected < 0.52.0-9.1fixed 0.52.0-9.1
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.