Memory Consumption Vulnerability in Red Hat Container Image Pulling
CVE-2020-1702

3.3 LOW

Key Information:

Vendor
CVE Published: 27 May 2021

What is CVE-2020-1702?

A malicious container image can trigger unbounded memory consumption when it is pulled to a container runtime host, such as Red Hat's podman or OpenShift. This could crash the image-pulling process for users with the necessary privileges, disrupting service and operations. The issue affects all versions of containers-image prior to 5.2.0, leaving users of those versions exposed to denial of service.

Affected Version(s)

containers/image containers-image 5.2.0

CVSS V3.1

Score: 3.3
Severity: LOW
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved