Lucene search
K

32 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/07/19 9:46 p.m.44 views

Security Bulletin: IBM Storage Ceph is vulnerable to assorted vulnerabilities in Grafana

Summary Moby is used by IBM Storage Ceph in Grafana as part of Metrics. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2021-21285, CVE-2021-31525, CVE-2021-3121, CVE-2022-34038, CVE-2021-41103, CVE-2021-41089, CVE-2020-29652, CVE-2022-27536, CVE-2021-44716...

8.6CVSS9.2AI score0.06604EPSS
Exploits8Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.28 views

Amazon Linux 2 : docker (ALASECS-2023-015)

The version of docker installed on the remote host is prior to 20.10.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-015 advisory. A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under...

6.8CVSS6.9AI score0.03287EPSS
Exploits0References6
Amazon
Amazon
added 2021/11/18 12:0 a.m.33 views

Medium: docker

Issue Overview: A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under /var/lib/docker/, leading to possible privilege escalation to the root user in the host. The highest threat from this vulnerability is to data integrity...

6.8CVSS7.3AI score0.03287EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/11/15 12:0 a.m.35 views

Amazon Linux AMI : docker (ALAS-2021-1550)

The version of docker installed on the remote host is prior to 20.10.7-2.69. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1550 advisory. A flaw was found in the userns-remap feature of Docker. The root user in the remapped namespace can modify files under...

6.8CVSS6.9AI score0.03287EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.29 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Vulnerability (NS-SA-2021-0097)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd...

6.5CVSS7AI score0.03287EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.38 views

NewStart CGSL MAIN 6.02 : docker-ce Multiple Vulnerabilities (NS-SA-2021-0124)

The remote NewStart CGSL host, running version MAIN 6.02, has docker-ce packages installed that are affected by multiple vulnerabilities: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege...

6.8CVSS7AI score0.03287EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.26 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Vulnerability (NS-SA-2021-0181)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has docker-ce packages installed that are affected by a vulnerability: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd...

6.5CVSS7AI score0.03287EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/03 12:48 p.m.36 views

Security Bulletin: IBM Cloud Private is vulnerable to Docker vulnerabilities (CVE-2021-21285, CVE-2021-21284)

Summary IBM Cloud Private is vulnerable to Docker vulnerabilities Vulnerability Details CVEID: CVE-2021-21285 DESCRIPTION: Docker is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to pull a specially-crafted Docker image, a remote attacker could...

6.8CVSS0.8AI score0.03287EPSS
Exploits0Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2021/07/10 12:0 a.m.72 views

Security update for containerd, docker, runc (important)

openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:1954-1 Rating: important References: 1168481 1175081 1175821 1181594 1181641 1181677 1181730 1181732 1181749 1182451 1182476 1182947 1183024 1183855 1184768 1184962 1185405 Cross-References:...

8.4CVSS8.3AI score0.06604EPSS
Exploits0References17
CBLMariner
CBLMariner
added 2021/07/08 9:57 p.m.25 views

CVE-2021-21285 affecting package moby-cli 19.03.15-2

CVE-2021-21285 affecting package moby-cli 19.03.15-2. An upgraded version of the package is available that resolves this issue...

6.5CVSS9.4AI score0.03287EPSS
Exploits0
CBLMariner
CBLMariner
added 2021/07/08 9:56 p.m.18 views

CVE-2021-21285 affecting package moby-buildx 0.4.1-3

CVE-2021-21285 affecting package moby-buildx 0.4.1-3. An upgraded version of the package is available that resolves this issue...

6.5CVSS9.4AI score0.03287EPSS
Exploits0
CBLMariner
CBLMariner
added 2021/07/08 9:56 p.m.20 views

CVE-2021-21285 affecting package moby-engine 19.03.15-2

CVE-2021-21285 affecting package moby-engine 19.03.15-2. An upgraded version of the package is available that resolves this issue...

6.5CVSS9.4AI score0.03287EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2021/06/16 12:0 a.m.68 views

Security update for containerd, docker, runc (important)

openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:0878-1 Rating: important References: 1168481 1175081 1175821 1181594 1181641 1181677 1181730 1181732 1181749 1182451 1182476 1182947 1183024 1183855 1184768 1184962 1185405 Cross-References:...

8.4CVSS8.3AI score0.06604EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2021/06/12 12:0 a.m.105 views

SUSE SLES15: containerd / docker / docker-bash-completion / etc (SUSE-SU-2021:1954-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1954-1 advisory. Docker was updated to 20.10.6-ce bsc1184768, bsc1182947, bsc1181594 Switch version to use -ce suffix rather than ce to avoid...

8.5CVSS6.7AI score0.06604EPSS
Exploits0References26
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2021:0445-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.8AI score0.03287EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/07 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2021-1943)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.03287EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.32 views

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2021-1922)

According to the version of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashe...

6.5CVSS7AI score0.03287EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.26 views

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2021-1943)

According to the version of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashe...

6.5CVSS7AI score0.03287EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/05/19 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2021-1869)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.03287EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.30 views

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2021-1869)

According to the version of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashe...

6.5CVSS7AI score0.03287EPSS
Exploits0References2
Rows per page
Query Builder