INFSA-2024:4246: container-tools security update
Information about definition
Identificator: INFSA-2024:4246
Type: security
Release date: 2024-10-10 05:35:35 UTC
Information about package
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Vulnerabilities description
- CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-24786
|
no information | 5.9 | no information |
Updated packages