Lucene search
OracleLinuxELSA-2023-7765HistoryDec 14, 2023 - 12:00 a.m.
podman security update
2023-12-1400:00:00
linux.oracle.com
6
podman security update
cve-2023-39318
cve-2023-39319
cve-2023-39321
cve-2023-39322
cve-2023-29409
resolves
orabug
github
jira
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.0%
[2:4.6.1-7.0.1]
- Rebuild for following CVEs:
CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 CVE-2023-29409 - Resolves: #2228743
- Resolves: #2237773
- Resolves: #2237776
- Resolves: #2237777
- Resolves: #2237778
[2:4.6.1-6.0.1] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]
[2:4.6.1-6] - update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/68e7ae0) - Related: Jira:RHEL-2112
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | podman | < 4.6.1-7.0.1.el9_3 | podman-4.6.1-7.0.1.el9_3.src.rpm |
| oracle linux | 9 | aarch64 | podman | < 4.6.1-7.0.1.el9_3 | podman-4.6.1-7.0.1.el9_3.aarch64.rpm |
| oracle linux | 9 | noarch | podman-docker | < 4.6.1-7.0.1.el9_3 | podman-docker-4.6.1-7.0.1.el9_3.noarch.rpm |
| oracle linux | 9 | aarch64 | podman-gvproxy | < 4.6.1-7.0.1.el9_3 | podman-gvproxy-4.6.1-7.0.1.el9_3.aarch64.rpm |
| oracle linux | 9 | aarch64 | podman-plugins | < 4.6.1-7.0.1.el9_3 | podman-plugins-4.6.1-7.0.1.el9_3.aarch64.rpm |
| oracle linux | 9 | aarch64 | podman-remote | < 4.6.1-7.0.1.el9_3 | podman-remote-4.6.1-7.0.1.el9_3.aarch64.rpm |
| oracle linux | 9 | aarch64 | podman-tests | < 4.6.1-7.0.1.el9_3 | podman-tests-4.6.1-7.0.1.el9_3.aarch64.rpm |
| oracle linux | 9 | src | podman | < 4.6.1-7.0.1.el9_3 | podman-4.6.1-7.0.1.el9_3.src.rpm |
| oracle linux | 9 | x86_64 | podman | < 4.6.1-7.0.1.el9_3 | podman-4.6.1-7.0.1.el9_3.x86_64.rpm |
| oracle linux | 9 | noarch | podman-docker | < 4.6.1-7.0.1.el9_3 | podman-docker-4.6.1-7.0.1.el9_3.noarch.rpm |
Related
nessus
nessus
Oracle Linux 9 : buildah (ELSA-2023-7764)
2023-12-15 00:00:00
RHEL 9 : skopeo (RHSA-2023:7762)
2023-12-12 00:00:00
Oracle Linux 9 : containernetworking-plugins (ELSA-2023-7766)
2023-12-14 00:00:00
redhat
redhat
(RHSA-2023:7766) Moderate: containernetworking-plugins security update
2023-12-12 16:42:36
(RHSA-2023:7765) Moderate: podman security update
2023-12-12 16:42:34
(RHSA-2023:7764) Moderate: buildah security update
2023-12-12 16:42:31
oraclelinux
oraclelinux
skopeo security update
2023-12-13 00:00:00
containernetworking-plugins security update
2023-12-13 00:00:00
buildah security update
2023-12-14 00:00:00
almalinux
almalinux
Moderate: podman security update
2023-12-12 00:00:00
Moderate: skopeo security update
2023-12-12 00:00:00
Moderate: containernetworking-plugins security update
2023-12-12 00:00:00
ibm
ibm
osv
osv
Moderate: podman security update
2023-12-12 00:00:00
Moderate: containernetworking-plugins security update
2023-12-12 00:00:00
Moderate: buildah security update
2023-12-12 00:00:00
freebsd
freebsd
go -- multiple vulnerabilities
2023-09-06 00:00:00
openvas
openvas
openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:3701-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3840-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2023-3178)
2023-11-10 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-4.0-0484
2023-10-05 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0108
2023-10-05 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0665
2023-10-10 00:00:00
redhatcve
redhatcve
prion
prion
Code injection
2023-09-08 17:15:00
Design/Logic Flaw
2023-09-08 17:15:00
Hardcoded credentials
2023-09-08 17:15:00
cgr
cgr
CVE-2023-39321 vulnerabilities
2024-05-19 03:07:16
CVE-2023-39322 vulnerabilities
2024-05-19 03:07:16
cve
cve
amazon
amazon
Important: golang
2023-10-16 13:45:00
Medium: nerdctl
2023-08-17 11:58:00
Medium: cri-tools
2023-08-31 22:28:00
debiancve
debiancve
nvd
nvd
cvelist
cvelist
veracode
veracode
Cross-Site Scripting (XSS)
2023-10-02 20:15:16
Cross-Site Scripting (XSS)
2023-10-03 07:01:30
Denial Of Service (DoS)
2023-10-02 20:14:46
alpinelinux
alpinelinux
cbl_mariner
cbl_mariner
CVE-2023-39318 affecting package golang for versions less than 1.20.10-1
2024-07-03 03:08:31
CVE-2023-39318 affecting package golang for versions less than 1.20.10-1
2024-07-03 03:08:37
ubuntucve
ubuntucve
wolfi
wolfi
CVE-2023-39322 vulnerabilities
2024-07-03 09:08:38
CVE-2023-39321 vulnerabilities
2024-07-03 09:08:38
CVE-2023-39319 vulnerabilities
2024-07-03 09:08:38
githubexploit
githubexploit
Exploit for Uncontrolled Resource Consumption in Golang Go
2023-08-21 15:59:26
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.0%
Related for ELSA-2023-7765