Download
| Alert*
oval:org.secpod.oval:def:503633
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fix: * podman: resolving symlink in host filesystem leads to unexpected results of copy operation ... oval:org.secpod.oval:def:503754 The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Docke ... oval:org.secpod.oval:def:503795 The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix: * containers/image: Container images read entire image manifest into memory For more details about the security issue, including the ... oval:org.secpod.oval:def:503632 Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. Security Fix: * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc * proglottis/gpgme: Use-after-free ... oval:org.secpod.oval:def:69548 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation * containers/image: Container images read entire image manifest int ... oval:org.secpod.oval:def:66837 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation * containers/image: Container images read entire image manifest int ... oval:org.secpod.oval:def:1505321 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2501000 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. |