Containers Image vulnerabilities

CVE-2020-1702 [LOW] CWE-400 CVE-2020-1702: A malicious container image can consume an unbounded amount of memory when being pulled to a contain A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw

CVE-2019-10214 [MEDIUM] CWE-522 CVE-2019-10214: The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Ente The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer