Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2022/05/20 10:47 p.m.27 views

CVE-2021-29136

Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...

5.5CVSS5.8AI score0.00344EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2022-0006)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS5.9AI score0.02085EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2021/07/28 12:0 a.m.31 views

openSUSE 15 Security Update : umoci (openSUSE-SU-2021:1863-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1863-1 advisory. - Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal...

5.5CVSS6.5AI score0.00344EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/07/28 12:0 a.m.17 views

openSUSE: Security Advisory for umoci (openSUSE-SU-2021:1863-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6AI score0.00344EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/07/28 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2021:1863-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.7AI score0.00344EPSS
Exploits0References2
OSV
OSV
added 2021/07/27 2:23 p.m.5 views

OPENSUSE-SU-2021:1863-1 Security update for umoci

This update for umoci fixes the following issues: Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147...

5.5CVSS5.8AI score0.00344EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/07/27 12:0 a.m.31 views

SUSE SLED15 / SLES15 Security Update : umoci (SUSE-SU-2021:1863-2)

The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:1863-2 advisory. Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. Tenable has extracted the...

5.5CVSS6.7AI score0.00344EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/06/10 12:0 a.m.23 views

openSUSE Security Update : umoci (openSUSE-2021-846)

This update for umoci fixes the following issues : Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...

5.5CVSS6.2AI score0.00344EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2021:1863-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00344EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/08 12:0 a.m.13 views

openSUSE: Security Advisory for umoci (openSUSE-SU-2021:0846-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6AI score0.00344EPSS
Exploits0References2
OSV
OSV
added 2021/06/07 5:3 a.m.2 views

OPENSUSE-SU-2021:0846-1 Security update for umoci

This update for umoci fixes the following issues: Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. This update was imported from the SUSE:SLE-15:Update update project...

5.5CVSS5.8AI score0.00344EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/06/07 12:0 a.m.26 views

Security update for umoci (important)

openSUSE Security Update: Security update for umoci Announcement ID: openSUSE-SU-2021:0846-1 Rating: important References: 1184147 Cross-References: CVE-2021-29136 CVSS scores: CVE-2021-29136 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2021-29136 SUSE: 7.3...

7.3CVSS6.7AI score0.00344EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/06/07 12:0 a.m.27 views

SUSE SLES15 Security Update : umoci (SUSE-SU-2021:1863-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:1863-1 advisory. - Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. Tenable has extracted the...

5.5CVSS6.7AI score0.00344EPSS
Exploits0References4
OSV
OSV
added 2021/05/30 12:5 p.m.6 views

OPENSUSE-SU-2021:0810-1 Security update for singularity

This update for singularity fixes the following issues: singularity was updated to version 3.7.3: - Fix for CVE-2021-29136: A dependency used to extract docker/OCI image layers can be tricked into modifying host files by creating a malicious layer that has a symlink with the name '.' or '/', when...

5.5CVSS5.7AI score0.00344EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/05/30 12:0 a.m.26 views

Security update for singularity (moderate)

openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2021:0810-1 Rating: moderate References: 1184147 Cross-References: CVE-2021-29136 CVSS scores: CVE-2021-29136 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2021-29136 SUSE: 7.3...

7.3CVSS6.7AI score0.00344EPSS
Exploits0References1
OSV
OSV
added 2021/05/06 11:2 a.m.3 views

OESA-2021-1151 umoci security update

Umoci modifies Open Container images. Umoci intends to be a complete manipulation tool for OCI images. In particular, it should be seen as a more end-user-focused version of the oci-image-tools provided by the OCI. Security Fixes: Open Container Initiative umoci before 0.4.7 allows attackers to...

5.5CVSS6.9AI score0.00344EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2021:1116-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00344EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.18 views

openSUSE: Security Advisory for umoci (openSUSE-SU-2021:0548-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6AI score0.00344EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/04/14 12:0 a.m.26 views

openSUSE Security Update : umoci (openSUSE-2021-548)

This update for umoci fixes the following issues : - Update to umoci v0.4.6. - CVE-2021-29136: malicious layer allows overwriting of host files bsc1184147 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks ...

5.5CVSS6.2AI score0.00344EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/04/12 12:0 a.m.27 views

SUSE SLES15 Security Update : umoci (SUSE-SU-2021:1116-1)

This update for umoci fixes the following issues : Update to umoci v0.4.6. CVE-2021-29136: malicious layer allows overwriting of host files bsc1184147 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted t...

5.5CVSS6.2AI score0.00344EPSS
Exploits0References4
Rows per page
Query Builder