Search for packages
| purl | pkg:rpm/redhat/docker@2:1.13.1-161.git64e9980?arch=el7_8 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2h42-q2a4-xba5
Aliases: CVE-2020-1702 |
containers/image: Container images read entire image manifest into memory | There are no reported fixed by versions. |
|
VCID-vfxz-vfmr-w3d1
Aliases: CVE-2020-8945 GHSA-m6wg-2mwg-4rfq |
GPGME Go wrapper contains Use After Free The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. | There are no reported fixed by versions. |
|
VCID-zex4-9xyf-6yf1
Aliases: CVE-2019-16884 GHSA-fgv8-vj5c-2ppq |
Multiple vulnerabilities have been discovered in runC, the worst of which may lead to privilege escalation. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:16:07.834975+00:00 | RedHat Importer | Affected by | VCID-zex4-9xyf-6yf1 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json | 38.0.0 |
| 2026-04-01T14:14:03.713556+00:00 | RedHat Importer | Affected by | VCID-vfxz-vfmr-w3d1 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8945.json | 38.0.0 |
| 2026-04-01T14:14:02.968804+00:00 | RedHat Importer | Affected by | VCID-2h42-q2a4-xba5 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1702.json | 38.0.0 |