Max CVSS | 5.1 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-8945 | 5.1 |
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
|
18-10-2022 - 17:59 | 12-02-2020 - 18:15 | |
CVE-2020-1702 | 4.3 |
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with p
|
10-06-2021 - 15:16 | 27-05-2021 - 20:15 |