github.com/containernetworking/cni is vulnerable to arbitrary path injection. A user is be able to change the type: field in a CNI configuration to an arbitrary path and could execute arbitrary binaries on a host.

References

bugzilla.redhat.com/show_bug.cgi?id=1919391

github.com/containernetworking/cni/pull/808

osv 7

nessus 15

prion 1

openvas 19

redhatcve 1

fedora 5

alpinelinux 1

ubuntucve 1

debiancve 1

cvelist 1

redhat 8

github 1

cve 1

nvd 1

suse 3

ibm 2

mageia 1

osv

containernetworking/cni improper limitation of path name

2022-02-15 01:57:18

Improper limitation of path name in github.com/containernetworking/cni

2022-07-01 20:17:57

CVE-2021-20206

2021-03-26 22:15:00

nessus

SUSE SLES15 Security Update : cni (SUSE-SU-2022:4150-1)

2022-11-23 00:00:00

SUSE SLES15 Security Update : cni-plugins (SUSE-SU-2022:4593-1)

2022-12-21 00:00:00

SUSE SLES15 Security Update : cni (SUSE-SU-2022:4592-1)

2022-12-21 00:00:00

prion

Design/Logic Flaw

2021-03-26 22:15:00

openvas

SUSE: Security Advisory (SUSE-SU-2022:4593-1)

2022-12-21 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:4592-1)

2022-12-21 00:00:00

Fedora: Security Advisory for containers-common (FEDORA-2021-fb466fb623)

2021-02-26 00:00:00

redhatcve

CVE-2021-20206

2021-02-05 06:22:02

fedora

[SECURITY] Fedora 33 Update: containernetworking-plugins-0.9.1-2.fc33

2021-02-26 01:09:46

[SECURITY] Fedora 33 Update: containers-common-1-4.fc33

2021-02-26 01:09:46

[SECURITY] Fedora 33 Update: podman-3.0.1-1.fc33

2021-02-26 01:09:46

alpinelinux

CVE-2021-20206

2021-03-26 22:15:12

ubuntucve

CVE-2021-20206

2021-03-26 00:00:00

debiancve

CVE-2021-20206

2021-03-26 22:15:12

cvelist

CVE-2021-20206

2021-03-26 21:34:58

redhat

(RHSA-2021:3001) Moderate: Red Hat OpenShift Container Platform for Windows Containers 3.0.0 security and bug fix update

2021-08-03 20:25:16

(RHSA-2022:1660) Moderate: Red Hat OpenShift support for Windows Containers 2.0.5 [security update]

2022-05-02 05:49:56

(RHSA-2021:1005) Moderate: OpenShift Container Platform 4.7.5 security and bug fix update

2021-04-05 13:47:03

github

containernetworking/cni improper limitation of path name

2022-02-15 01:57:18

cve

CVE-2021-20206

2021-03-26 22:15:12

nvd

CVE-2021-20206

2021-03-26 22:15:12

suse

Security update for buildah (moderate)

2022-03-09 00:00:00

Security update for buildah (important)

2022-10-19 00:00:00

Security update for buildah (important)

2022-10-26 00:00:00

ibm

Security Bulletin: IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities

2023-05-31 05:42:24

Security Bulletin: Multiple vulnerabilities affect IBM® Db2® On Openshift and IBM® Db2® and Db2 Warehouse® on Cloud Pak for Data

2022-06-29 17:05:30

mageia

Updated skopeo/buildah/podman packages fix security vulnerability

2023-07-07 08:54:45

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.001

Percentile

47.3%

JSON

Related for VERACODE:29294