Lucene search
K

303 matches found

SUSE CVE
SUSE CVE
added 2026/04/08 11:26 p.m.5 views

SUSE CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

7CVSS6.3AI score0.00658EPSS
Exploits0References12
EUVD
EUVD
added 2026/04/08 3:31 p.m.8 views

EUVD-2025-209300

A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

6.4CVSS6.1AI score0.00113EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/08 1:55 p.m.4 views

CVE-2025-58713

A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

6.4CVSS6.1AI score0.00145EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/08 1:55 p.m.5 views

CVE-2025-58713 Rhpam: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

6.4CVSS6.1AI score0.00145EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 1:55 p.m.25 views

CVE-2025-57853 Web-terminal: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Web Terminal images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root...

6.4CVSS0.00158EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/08 1:55 p.m.2 views

CVE-2025-57851

A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

6.4CVSS6.1AI score0.00113EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/08 1:55 p.m.9 views

CVE-2025-57853

A container privilege escalation flaw was found in certain Web Terminal images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root...

6.4CVSS6.1AI score0.00158EPSS
Exploits0References3
OSV
OSV
added 2026/04/08 2:16 a.m.3 views

DEBIAN-CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

8.8CVSS6.2AI score0.00658EPSS
Exploits0References1
NVD
NVD
added 2026/04/08 2:16 a.m.3 views

CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

9CVSS0.00658EPSS
Exploits0References21
OSV
OSV
added 2026/04/08 2:16 a.m.6 views

UBUNTU-CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

9CVSS6.3AI score0.00658EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/04/08 2:16 a.m.4 views

CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

8.8CVSS6.5AI score0.00658EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/08 1:6 a.m.4 views

CVE-2026-27140 Code execution vulnerability in SWIG code generation in cmd/go

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

6.4AI score0.00658EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/08 1:6 a.m.3 views

EUVD-2026-20002

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

6.5AI score0.00658EPSS
Exploits0References4
CVE
CVE
added 2026/04/08 1:6 a.m.42 views

CVE-2026-27140

CVE-2026-27140 affects Go toolchain components (Go golang and related tooling) via SWIG file name handling. The issue arises when SWIG file names containing 'cgo' enable code smuggling and arbitrary code execution at build time due to a trust-layer bypass. Connected advisories (Red Hat RHSA advis...

9CVSS6.5AI score0.00658EPSS
Exploits0References21Affected Software1
Debian CVE
Debian CVE
added 2026/04/08 1:6 a.m.9 views

CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

9CVSS6.2AI score0.00658EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/08 1:6 a.m.3 views

CVE-2026-27140

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

9CVSS6.4AI score0.00658EPSS
Exploits0
Snyk
Snyk
added 2026/04/08 12:16 a.m.2 views

Directory Traversal

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to Directory Traversal in the toSSG function when handling dynamic route parameters provided via ssgParams. An attacker can cause files to be written outside the intended output directory by...

7.5CVSS6.2AI score0.00532EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.10 views

PT-2026-31282

Summary A path traversal issue in toSSG allows files to be written outside the configured output directory during static site generation. When using dynamic route parameters via ssgParams, specially crafted values can cause generated file paths to escape the intended output directory. Details The...

5.9CVSS5.8AI score0.00532EPSS
Exploits1References5
OSV
OSV
added 2026/04/07 10:53 p.m.5 views

GO-2026-4871 Code execution vulnerability in SWIG code generation in cmd/go

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass...

9CVSS6.4AI score0.00658EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.8 views

PT-2026-31058

Name of the Vulnerable Software and Affected Versions SWIG affected versions not specified Description SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass. Recommendations At the moment, there...

10CVSS6.3AI score0.00658EPSS
Exploits0References435
Rows per page
Query Builder