buildah vulnerabilities

Known vulnerabilities in the buildah package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Improper Authorization	*
M Directory Traversal	*
H Information Exposure	*
M Link Following	*
M Improper Input Validation	*
M Use of Uninitialized Variable	*
H Uncontrolled Recursion	*
M Improper Validation of Integrity Check Value	*
M Improper Validation of Integrity Check Value	*
M Improper Validation of Integrity Check Value	*
H Memory Leak	*
H Memory Leak	*
H Link Following	*
H Link Following	*
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M Truncation of Security-relevant Information	*
M Information Exposure	*
M Resource Exhaustion	*
H Resource Exhaustion	*
M CVE-2023-39321	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Directory Traversal	*
M Improper Handling of Unicode Encoding	*
M Improper Handling of Unicode Encoding	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M Arbitrary Code Injection	*
M Resource Exhaustion	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Placement of User into Incorrect Group	*
L Placement of User into Incorrect Group	*
M Placement of User into Incorrect Group	*
M Allocation of Resources Without Limits or Throttling	*
M Link Following	*
M Link Following	*
M Link Following	*
L Directory Traversal	*
L Directory Traversal	*
L Directory Traversal	*
M CVE-2022-41715	*
M Allocation of Resources Without Limits or Throttling	*
M HTTP Request Smuggling	*
M Directory Traversal	*
M Resource Exhaustion	*
L Placement of User into Incorrect Group	*
L Placement of User into Incorrect Group	*
L Placement of User into Incorrect Group	*
L Resource Exhaustion	*
M Information Exposure	*
M Improperly Controlled Sequential Memory Allocation	*
M HTTP Request Smuggling	*
L Insufficient Entropy	*
L Insufficient Entropy	*
M Incorrect Default Permissions	*
L Incorrect Default Permissions	*
M Incorrect Default Permissions	*
M Missing Release of Resource after Effective Lifetime	*
M Missing Release of Resource after Effective Lifetime	*
M Missing Release of Resource after Effective Lifetime	*
M Integer Overflow or Wraparound	*
M Race Condition	*
M Improper Input Validation	*
M Resource Exhaustion	*
M Improper Input Validation	*
M Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.11.6-12.el7_9
H Directory Traversal	<0:1.11.6-11.el7_8
H Resource Exhaustion	<0:1.11.6-11.el7_8
M Incorrect Calculation	*
M Information Exposure	*
M Information Exposure	*
M Information Exposure	*
M Improper Input Validation	*
M Resource Exhaustion	*
M Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Locking	*
M Improper Locking	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Use After Free	<0:1.11.6-8.el7_8
M Improper Validation of Array Index	*
M Improper Validation of Array Index	*

Vulnerability

Vulnerable Version

Improper Authorization