Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2020:1234
HistoryMar 31, 2020 - 11:31 p.m.

(RHSA-2020:1234) Moderate: docker security and bug fix update

2020-03-3123:31:53
access.redhat.com
105

0.012 Low

EPSS

Percentile

85.1%

JSON

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.

Security Fix(es):

  • runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884)

  • proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945)

  • containers/image: Container images read entire image manifest into memory (CVE-2020-1702)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Whitelist statx(2) in docker (BZ#1784228)

  • Upgrading docker resulting into increase Systemd logs (BZ#1791870)

  • docker should be linked against gpgme-pthread (BZ#1792243)

  • docker cannot be updated to 108 on rhos13 as a container fails to start with “pivot_root invalid argument” error. (BZ#1795376)

  • OVS pods are unable to stop when running under docker version 1.13.1-108 (BZ#1796451)

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64docker-logrotate< 1.13.1-161.git64e9980.el7_8docker-logrotate-1.13.1-161.git64e9980.el7_8.x86_64.rpm
RedHat7x86_64docker-debuginfo< 1.13.1-161.git64e9980.el7_8docker-debuginfo-1.13.1-161.git64e9980.el7_8.x86_64.rpm
RedHat7ppc64ledocker-logrotate< 1.13.1-161.git64e9980.el7_8docker-logrotate-1.13.1-161.git64e9980.el7_8.ppc64le.rpm
RedHat7s390xdocker< 1.13.1-161.git64e9980.el7_8docker-1.13.1-161.git64e9980.el7_8.s390x.rpm
RedHat7s390xdocker-v1.10-migrator< 1.13.1-161.git64e9980.el7_8docker-v1.10-migrator-1.13.1-161.git64e9980.el7_8.s390x.rpm
RedHat7ppc64ledocker< 1.13.1-161.git64e9980.el7_8docker-1.13.1-161.git64e9980.el7_8.ppc64le.rpm
RedHat7ppc64ledocker-rhel-push-plugin< 1.13.1-161.git64e9980.el7_8docker-rhel-push-plugin-1.13.1-161.git64e9980.el7_8.ppc64le.rpm
RedHat7s390xdocker-client< 1.13.1-161.git64e9980.el7_8docker-client-1.13.1-161.git64e9980.el7_8.s390x.rpm
RedHat7x86_64docker-client< 1.13.1-161.git64e9980.el7_8docker-client-1.13.1-161.git64e9980.el7_8.x86_64.rpm
RedHat7x86_64docker-lvm-plugin< 1.13.1-161.git64e9980.el7_8docker-lvm-plugin-1.13.1-161.git64e9980.el7_8.x86_64.rpm
Rows per page:
1-10 of 271

Related

nessus 62
redhat 27
fedora 8
veracode 4
cvelist 4
openvas 21
prion 4
redhatcve 4
suse 3
nvd 4
debiancve 2
cve 4
osv 16
ubuntucve 2
alpinelinux 1
github 2
mageia 1
amazon 1
altlinux 1
cbl_mariner 1
photon 9
debian 2
ubuntu 2
gentoo 1
rocky 2
almalinux 2
oraclelinux 6
ibm 2
nessus
nessus
RHEL 7 : docker (RHSA-2020:1234)
2020-04-01 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.4.3 cri-o (RHSA-2020:1937)
2020-05-05 00:00:00
Fedora 30 : 1:skopeo (2020-2a0aac3502)
2020-02-24 00:00:00
redhat
redhat
(RHSA-2020:1937) Moderate: OpenShift Container Platform 4.4.3 cri-o security update
2020-05-04 09:53:12
(RHSA-2020:0697) Moderate: OpenShift Container Platform 4.1.38 skopeo security update
2020-03-12 21:07:02
(RHSA-2020:0689) Moderate: OpenShift Container Platform 4.2.22 skopeo security update
2020-03-10 12:09:47
fedora
fedora
[SECURITY] Fedora 30 Update: skopeo-0.1.41-1.fc30
2020-02-24 01:13:25
[SECURITY] Fedora 31 Update: skopeo-0.1.41-1.fc31
2020-02-23 01:23:31
[SECURITY] Fedora 30 Update: podman-1.8.0-4.fc30
2020-03-09 20:55:26
veracode
veracode
Use After Free (UAF)
2020-02-13 05:13:18
Arbitrary File Read
2019-09-26 05:02:30
Denial Of Service (DoS)
2020-02-18 09:40:33
cvelist
cvelist
CVE-2020-8945
2020-02-12 17:20:43
CVE-2020-1702
2021-05-27 19:45:08
CVE-2019-16884
2019-09-25 00:00:00
openvas
openvas
Fedora: Security Advisory for skopeo (FEDORA-2020-f317e13ecf)
2020-02-23 00:00:00
Debian: Security Advisory (DLA-3322-1)
2023-02-19 00:00:00
Mageia: Security Advisory (MGASA-2020-0050)
2022-01-28 00:00:00
prion
prion
Design/Logic Flaw
2020-02-12 18:15:00
Design/Logic Flaw
2019-09-25 18:15:00
Code injection
2021-05-27 20:15:00
redhatcve
redhatcve
CVE-2020-8945
2022-05-14 11:39:44
CVE-2019-16884
2019-10-13 20:07:34
CVE-2020-1702
2020-01-22 04:10:00
suse
suse
Security update for docker-runc (moderate)
2019-10-31 00:00:00
Security update for docker-runc (moderate)
2019-11-05 00:00:00
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (moderate)
2020-01-14 00:00:00
nvd
nvd
CVE-2019-16884
2019-09-25 18:15:13
CVE-2020-8945
2020-02-12 18:15:10
CVE-2020-1702
2021-05-27 20:15:07
debiancve
debiancve
CVE-2019-16884
2019-09-25 18:15:13
CVE-2020-8945
2020-02-12 18:15:10
cve
cve
CVE-2020-8945
2020-02-12 18:15:10
CVE-2020-1702
2021-05-27 20:15:07
CVE-2019-16884
2019-09-25 18:15:13
osv
osv
GO-2020-0002
2021-04-14 20:04:52
CVE-2020-8945
2020-02-12 18:15:10
GPGME Go wrapper contains Use After Free
2021-05-18 15:29:42
ubuntucve
ubuntucve
CVE-2020-8945
2020-02-12 00:00:00
CVE-2019-16884
2019-09-25 00:00:00
alpinelinux
alpinelinux
CVE-2019-16884
2019-09-25 18:15:13
github
github
GPGME Go wrapper contains Use After Free
2021-05-18 15:29:42
Incorrect Authorization in runc
2022-02-22 15:38:08
mageia
mageia
Updated opencontainers-runc packages fix security vulnerability
2020-01-28 10:52:40
amazon
amazon
Important: runc
2021-12-28 23:55:00
altlinux
altlinux
Security fix for the ALT Linux 10 package runc version 1.0.0-alt10.rc9
2019-10-10 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-16884 affecting package moby-buildx 0.4.1-3
2021-07-08 21:56:42
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0241
2020-05-09 00:00:00
Important Photon OS Security Update - PHSA-2020-0241
2020-05-09 00:00:00
Important Photon OS Security Update - PHSA-2019-0186
2019-10-29 00:00:00
debian
debian
[SECURITY] [DLA 3322-1] golang-github-opencontainers-selinux security update
2023-02-18 17:16:16
[SECURITY] [DLA 3369-1] runc security update
2023-03-27 16:07:07
ubuntu
ubuntu
runC vulnerabilities
2021-08-10 00:00:00
runC vulnerabilities
2020-03-09 00:00:00
gentoo
gentoo
runC: Multiple vulnerabilities
2020-03-15 00:00:00
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2020-04-28 09:01:00
container-tools:rhel8 security and bug fix update
2019-12-17 09:19:28
almalinux
almalinux
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
2020-04-28 09:01:00
Important: container-tools:rhel8 security and bug fix update
2019-12-17 09:19:28
oraclelinux
oraclelinux
container-tools:ol8 security, bug fix, and enhancement update
2020-05-05 00:00:00
container-tools:ol8 security and bug fix update
2020-04-15 00:00:00
container-tools:2.0 security update
2021-03-05 00:00:00
ibm
ibm
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from containerd, gnupg2, runc and IBM WebSphere Application Server Liberty
2022-10-20 12:19:36
Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data
2022-06-29 17:05:30

0.012 Low

EPSS

Percentile

85.1%

JSON
Related for RHSA-2020:1234
nessus62redhat27fedora8veracode4cvelist4openvas21prion4redhatcve4suse3nvd4debiancve2cve4osv16ubuntucve2alpinelinux1github2mageia1amazon1altlinux1cbl_mariner1photon9debian2ubuntu2gentoo1rocky2almalinux2oraclelinux6ibm2