container-tools:rhel8/containernetworking-plugins vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the container-tools:rhel8/containernetworking-plugins package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Directory Traversal	<1:1.4.0-5.module_el8.10.0+3926+f12484f5
M Information Exposure	<1:1.4.0-5.module_el8.10.0+3926+f12484f5
M CVE-2021-33198	<1:1.4.0-5.module_el8.10.0+3926+f12484f5
H Directory Traversal	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H Improper Input Validation	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H Link Following	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H CVE-2024-34158	<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7
H CVE-2024-34156	<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7
H CVE-2024-34155	<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7
M CVE-2024-24791	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
M CVE-2024-24788	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H Information Exposure Through Log Files	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H CVE-2024-37298	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H Improper Validation of Integrity Check Value	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H CVE-2024-24789	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
M CVE-2024-24784	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
M CVE-2024-24783	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H Memory Leak	<1:1.4.0-5.module_el8.10.0+3876+e55593a8
H CVE-2023-45290	<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7
M CVE-2024-28176	<1:1.4.0-2.module_el8.10.0+3858+6ad51f9f
M CVE-2024-28180	<1:1.4.0-2.module_el8.10.0+3858+6ad51f9f
M CVE-2024-24786	<1:1.4.0-2.module_el8.10.0+3792+03eaed9c
H CVE-2022-41715	<1:1.4.0-2.module_el8.10.0+3792+03eaed9c
H HTTP Request Smuggling	<1:1.4.0-2.module_el8.10.0+3792+03eaed9c
H Link Following	<1:1.4.0-2.module_el8.10.0+3792+03eaed9c
H Exposure of Resource to Wrong Sphere	<1:1.3.0-8.module_el8.9.0+3717+81096349
M Cross-site Scripting (XSS)	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Interpretation Conflict	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Arbitrary Code Injection	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Link Following	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Use of Incorrectly-Resolved Name or Reference	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Improper Preservation of Permissions	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Incorrect Authorization	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M CVE-2023-24540	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Arbitrary Code Injection	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Arbitrary Code Injection	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Integer Overflow or Wraparound	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Allocation of Resources Without Limits or Throttling	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Resource Exhaustion	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Allocation of Resources Without Limits or Throttling	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Resource Exhaustion	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M CVE-2022-41723	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
M Resource Exhaustion	<1:1.3.0-4.module_el8.9.0+3643+9234dc3b
L Placement of User into Incorrect Group	<1:1.1.1-3.module_el8.6.0+3128+1510fbd1
M Time-of-check Time-of-use (TOCTOU)	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M CVE-2022-32189	<1:1.2.0-1.module_el8.8.0+3470+252b1910
L Placement of User into Incorrect Group	<1:1.1.1-3.module_el8.6.0+3128+1510fbd1
M CVE-2022-27664	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M CVE-2022-32148	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M HTTP Request Smuggling	<1:1.2.0-1.module_el8.8.0+3470+252b1910
H Incorrect Default Permissions	<1:1.0.1-2.module_el8.6.0+2878+e681bc44
H Incorrect Default Permissions	<1:1.0.1-2.module_el8.6.0+2878+e681bc44
H Incorrect Default Permissions	<1:1.0.1-2.module_el8.6.0+2878+e681bc44
H Allocation of Resources Without Limits or Throttling	<1:1.0.1-2.module_el8.6.0+2878+e681bc44
H Improper Privilege Management	<1:1.0.1-2.module_el8.6.0+2878+e681bc44
M Allocation of Resources Without Limits or Throttling	<1:1.2.0-1.module_el8.8.0+3470+252b1910
M Use of Insufficiently Random Values	<1:1.2.0-1.module_el8.8.0+3470+252b1910

Vulnerability

Vulnerable Version

Directory Traversal

<1:1.4.0-5.module_el8.10.0+3926+f12484f5

Information Exposure

<1:1.4.0-5.module_el8.10.0+3926+f12484f5

CVE-2021-33198

<1:1.4.0-5.module_el8.10.0+3926+f12484f5

Directory Traversal

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

Improper Input Validation

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

Link Following

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

CVE-2024-34158

<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7

CVE-2024-34156

<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7

CVE-2024-34155

<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7

CVE-2024-24791

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

CVE-2024-24788

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

Information Exposure Through Log Files

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

CVE-2024-37298

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

Improper Validation of Integrity Check Value

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

CVE-2024-24789

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

CVE-2024-24784

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

CVE-2024-24783

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

Memory Leak

<1:1.4.0-5.module_el8.10.0+3876+e55593a8

CVE-2023-45290

<1:1.4.0-5.module_el8.10.0+3901+4b80ecd7

CVE-2024-28176

<1:1.4.0-2.module_el8.10.0+3858+6ad51f9f

CVE-2024-28180

<1:1.4.0-2.module_el8.10.0+3858+6ad51f9f

CVE-2024-24786

<1:1.4.0-2.module_el8.10.0+3792+03eaed9c

CVE-2022-41715

<1:1.4.0-2.module_el8.10.0+3792+03eaed9c

HTTP Request Smuggling

<1:1.4.0-2.module_el8.10.0+3792+03eaed9c

Link Following

<1:1.4.0-2.module_el8.10.0+3792+03eaed9c

Exposure of Resource to Wrong Sphere

<1:1.3.0-8.module_el8.9.0+3717+81096349

Cross-site Scripting (XSS)