VIR Vulnerability Intelligence Relay

CVE-2020-10696

high
Published 2021-05-18 · Modified 2020-04-28
CVSS v3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2
VIR risk
8.0

Description

Important: container-tools:2.0 security update

Predictions

Exploit likelihood
30%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2020-1931.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2020-1932.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2020-1926.html

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2020:1926

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2020:1931

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2020:1932

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2020-10696

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2020-10696.html

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debianbookwormfixed1.11.6-2
debian debianbullseyefixed1.11.6-2
debian debianforkyfixed1.11.6-2
debian debiansidfixed1.11.6-2
debian debiantrixiefixed1.11.6-2
rockylinux rocky8fixed

Package impact
EcosystemPackageVulnerableFixed
golang Gogithub.com/containers/buildah<1.14.41.14.4

References

Verify integrity in audit chain (admin only). AS-IS.