Lucene search
+L

9 matches found

osv
osv
added 2026/07/01 7:16 p.m.8 views

DEBIAN-CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

6.5CVSS5.9AI score0.00208EPSS
Exploits0References1
osv
osv
added 2026/07/01 6:10 p.m.3 views

CVE-2026-53489 containerd: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS6AI score0.00208EPSS
Exploits0References3
debiancve
debiancve
added 2026/07/01 6:10 p.m.10 views

CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS5.9AI score0.00208EPSS
Exploits0
cgr
cgr
added 2026/06/23 8:16 a.m.8 views

CVE-2026-53489 vulnerabilities

Vulnerabilities for packages: kube-mgmt-fips, kots, helm-operator-fips, tw, tigera-operator, datadog-agent, harvester-fips, syft-fips, grype-fips, newrelic-infrastructure-agent-fips, dagger, newrelic-infrastructure-agent, rancher-helm, redpanda-operator, packer-fips, gitlab-rails-ce,...

8.2CVSS6.1AI score0.00208EPSS
Exploits0
osv
osv
added 2026/06/22 12:0 a.m.7 views

UBUNTU-CVE-2026-53489

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a checkpoint image without validating a symlinked path. This could result in reading an arbitrary file on the host via kubectl logs. This issue h...

8.2CVSS6.1AI score0.00208EPSS
Exploits0References5
nessus
nessus
added 2026/06/22 12:0 a.m.25 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1897)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1897 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via...

9.9CVSS6.2AI score0.00412EPSS
Exploits0References12
wolfi
wolfi
added 2026/06/20 8:22 p.m.10 views

CVE-2026-53489 vulnerabilities

Vulnerabilities for packages: containerd, docker-compose, spegel, grype, envoy-gateway, xeol, k3s, eksctl, linkerd2, zarf, kubescape, gatekeeper, tw, zot, helm, syft, helm-push, trivy-operator, wolfictl, manifest-tool, kubevela, docker-cli-buildx, tigera-operator, steampipe, helm-mapkubeapis,...

8.2CVSS6.1AI score0.00208EPSS
Exploits0
nessus
nessus
added 2026/06/20 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53489

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a bug where the CRI plugin restores container.log from a...

8.2CVSS6.2AI score0.00208EPSS
Exploits0References2
circl
circl
added 2026/06/19 1:31 a.m.10 views

CVE-2026-53489

creationtimestamp| type| source ---|---|--- 2026-06-19 01:31:49+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mom72udh7u25 2026-07-01 20:26:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpme3nnwiy2b 2026-07-02 10:22:25+00:00| seen|...

8.2CVSS5.8AI score0.00208EPSS
Exploits0References3
Rows per page
Query Builder