container-tools:rhel8/udica vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the container-tools:rhel8/udica package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Directory Traversal	<0:0.2.6-21.module_el8.10.0+3926+f12484f5
M Information Exposure	<0:0.2.6-21.module_el8.10.0+3926+f12484f5
M CVE-2021-33198	<0:0.2.6-21.module_el8.10.0+3926+f12484f5
H Directory Traversal	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
H Improper Input Validation	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
H Link Following	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
H CVE-2024-34158	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
H CVE-2024-34156	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
H CVE-2024-34155	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
M CVE-2024-24791	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
M CVE-2024-24788	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
H Information Exposure Through Log Files	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
H CVE-2024-37298	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
H Improper Validation of Integrity Check Value	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
H CVE-2024-24789	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
M CVE-2024-24784	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
M CVE-2024-24783	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
H Memory Leak	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
H CVE-2023-45290	<0:0.2.6-21.module_el8.10.0+3876+e55593a8
M CVE-2024-28176	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
M CVE-2024-28180	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
M CVE-2024-24786	<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f
H CVE-2022-41715	<0:0.2.6-21.module_el8.10.0+3845+87b84552
H HTTP Request Smuggling	<0:0.2.6-21.module_el8.10.0+3845+87b84552
H Link Following	<0:0.2.6-21.module_el8.10.0+3845+87b84552
H Exposure of Resource to Wrong Sphere	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Cross-site Scripting (XSS)	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Interpretation Conflict	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Arbitrary Code Injection	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Link Following	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Use of Incorrectly-Resolved Name or Reference	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Improper Preservation of Permissions	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Incorrect Authorization	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M CVE-2023-24540	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Arbitrary Code Injection	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Arbitrary Code Injection	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Integer Overflow or Wraparound	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Allocation of Resources Without Limits or Throttling	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Resource Exhaustion	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Allocation of Resources Without Limits or Throttling	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Resource Exhaustion	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M CVE-2022-41723	<0:0.2.6-20.module_el8.8.0+3615+3543c705
M Resource Exhaustion	<0:0.2.6-20.module_el8.8.0+3615+3543c705
L Placement of User into Incorrect Group	<0:0.2.6-3.module_el8.7.0+3344+484dae7b
M Time-of-check Time-of-use (TOCTOU)	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M CVE-2022-32189	<0:0.2.6-20.module_el8.8.0+3470+252b1910
L Placement of User into Incorrect Group	<0:0.2.6-3.module_el8.7.0+3344+484dae7b
M CVE-2022-27664	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M CVE-2022-32148	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Uncontrolled Recursion	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M HTTP Request Smuggling	<0:0.2.6-20.module_el8.8.0+3470+252b1910
H Incorrect Default Permissions	<0:0.2.6-2.module_el8.6.0+2877+8e437bf5
H Incorrect Default Permissions	<0:0.2.6-2.module_el8.6.0+2877+8e437bf5
H Incorrect Default Permissions	<0:0.2.6-2.module_el8.6.0+2877+8e437bf5
H Allocation of Resources Without Limits or Throttling	<0:0.2.6-2.module_el8.6.0+2877+8e437bf5
H Improper Privilege Management	<0:0.2.6-2.module_el8.6.0+2877+8e437bf5
M Allocation of Resources Without Limits or Throttling	<0:0.2.6-20.module_el8.8.0+3470+252b1910
M Use of Insufficiently Random Values	<0:0.2.6-20.module_el8.8.0+3470+252b1910

Vulnerability

Vulnerable Version

Directory Traversal

<0:0.2.6-21.module_el8.10.0+3926+f12484f5

Information Exposure

<0:0.2.6-21.module_el8.10.0+3926+f12484f5

CVE-2021-33198

<0:0.2.6-21.module_el8.10.0+3926+f12484f5

Directory Traversal

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

Improper Input Validation

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

Link Following

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

CVE-2024-34158

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

CVE-2024-34156

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

CVE-2024-34155

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

CVE-2024-24791

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

CVE-2024-24788

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

Information Exposure Through Log Files

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

CVE-2024-37298

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

Improper Validation of Integrity Check Value

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

CVE-2024-24789

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

CVE-2024-24784

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

CVE-2024-24783

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

Memory Leak

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

CVE-2023-45290

<0:0.2.6-21.module_el8.10.0+3876+e55593a8

CVE-2024-28176

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

CVE-2024-28180

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

CVE-2024-24786

<0:0.2.6-21.module_el8.10.0+3858+6ad51f9f

CVE-2022-41715

<0:0.2.6-21.module_el8.10.0+3845+87b84552

HTTP Request Smuggling

<0:0.2.6-21.module_el8.10.0+3845+87b84552

Link Following

<0:0.2.6-21.module_el8.10.0+3845+87b84552

Exposure of Resource to Wrong Sphere