what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2020-14370

Status Candidate

Overview

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.

Related Files

Red Hat Security Advisory 2021-0531-01
Posted Feb 16, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0531-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14370
MD5 | 00bed27d4c105725459bfc3e15d26bf7
Red Hat Security Advisory 2020-5056-01
Posted Nov 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5056-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-14040, CVE-2020-14370
MD5 | 40bf1e4803c1827dc705ed0538142fbd
Red Hat Security Advisory 2020-4297-01
Posted Oct 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4297-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. The runC tool is a lightweight, portable implementation of the Open Container Format that provides container runtime. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include information leakage, man-in-the-middle, and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2019-16541, CVE-2020-14040, CVE-2020-14370, CVE-2020-16845, CVE-2020-2252, CVE-2020-2254, CVE-2020-2255, CVE-2020-8564
MD5 | 84a716d1649a82a380bd372199c8e2db
Page 1 of 1
Back1Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close