1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2023-327346caa5

[FEDORA-2023-327346caa5] Fedora 39: podman-tui

Severity High
Affected Packages 1
CVEs 3
Info Packages References Vulnerabilities

podman-tui v0.12.0 + security fix for CVE-2023-39325 and CVE-2022-41717 and
CVE-2022-41723

Package Affected Version
pkg:rpm/fedora/podman-tui?distro=fedora-39 < 0.12.0.1.fc39
ID
FEDORA-2023-327346caa5
Severity
high
Severity from
CVE-2023-39325
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2023-327346caa5
Published
2023-11-20T01:22:12
(10 months ago)
Modified
2023-11-20T01:22:12
(10 months ago)
Rights
Copyright 2023 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 2248400 Bug #2248400 - podman-tui: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2248400
Bugzilla 2163285 Bug #2163285 - CVE-2022-41717 podman-tui: golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2163285
Bugzilla 2178479 Bug #2178479 - CVE-2022-41723 podman-tui: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2178479
Bugzilla 2174538 Bug #2174538 - podman-tui: containerd: Supplementary groups are not set up properly [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2174538
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/podman-tui?distro=fedora-39 fedora podman-tui < 0.12.0.1.fc39 fedora-39
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date