Lucene search
K

71 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.7 views

RHCOS 4 : OpenShift Container Platform 4.3.13 runc (RHSA-2020:1485)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1485 advisory. - runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation CVE-2019-19921 Note that Nessus has n...

7CVSS5.8AI score0.00457EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.11 views

RHCOS 4 : OpenShift Container Platform 4.1.38 (RHSA-2020:0695)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0695 advisory. - runc: volume mount race condition with shared mounts leads to information leak/integrity manipulation CVE-2019-19921 Note that Nessus has n...

7CVSS5.8AI score0.00457EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-1117

Malicious code in bioql PyPI...

7CVSS6.3AI score0.00448EPSS
Exploits1References25
Amazon
Amazon
added 2025/04/29 12:0 a.m.4 views

Important: runc

Issue Overview: A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this...

7CVSS6.7AI score0.00457EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.23 views

RHEL 7 : runc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - runc: Execution of malicious containers allows for container escape and access to host filesystem...

8.6AI score0.9857EPSS
Exploits34References3
Rosalinux
Rosalinux
added 2024/04/11 7:16 a.m.57 views

Advisory ROSA-SA-2024-2393

Software: runc 1.0.0 OS: rosa-server79 packageevrstring: runc-1.0.0.0-70.rc10.res7 CVE-ID: CVE-2019-19921 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: runc has improper access control leading to elevated privileges associated with libcontainer/rootfslinux.go. To exploit this, an attacker must be able t...

8.6CVSS9AI score0.18087EPSS
Exploits18
RedHat Linux
RedHat Linux
added 2023/11/14 3:32 p.m.4 views

runc: volume mount race condition (regression of CVE-2019-19921)

A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization by adding a symlink to the rootfs that points to a directory on the volume...

7CVSS6.9AI score0.00457EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2023/11/07 8:47 a.m.61 views

Moderate: Red Hat Security Advisory: runc security update

An update for runc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

7.8CVSS6.7AI score0.01677EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.31 views

Oracle Linux 8 : container-tools:ol8 (ELSA-2020-1650)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1650 advisory. - A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux...

7CVSS7AI score0.01849EPSS
Exploits0References4
OSV
OSV
added 2023/08/31 12:16 p.m.3 views

BELL-CVE-2019-19921 CVE-2019-19921 does not affect BellSoft software

Bulletin has no description...

7CVSS7.3AI score0.00457EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/08/17 12:0 a.m.32 views

Fedora: Security Advisory for golang-github-opencontainers-runc (FEDORA-2023-6e6d9065e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7CVSS7.7AI score0.00457EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/08/16 12:0 a.m.33 views

Fedora 37 : golang-github-opencontainers-runc (2023-9edf2145fb)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-9edf2145fb advisory. Add commit c0be1aa2d101dcd3074b5a0e486d58d3f9568d81 as a patch for github.com/containers/common ---- Security fix for CVE-2023-27561 Update to 1.1.8...

7CVSS7.1AI score0.00457EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/08/16 12:0 a.m.28 views

Fedora 38 : golang-github-opencontainers-runc (2023-6e6d9065e0)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6e6d9065e0 advisory. Add commit c0be1aa2d101dcd3074b5a0e486d58d3f9568d81 as a patch for github.com/containers/common ---- Security fix for CVE-2023-27561 Update to 1.1.8...

7CVSS7.1AI score0.00457EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/07/18 12:0 a.m.42 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2023-2352)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploi...

8.5CVSS7AI score0.06604EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/06 12:0 a.m.38 views

Amazon Linux 2 : runc (ALASDOCKER-2023-025)

The version of runc installed on the remote host is prior to 1.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2023-025 advisory. runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was...

7.8CVSS7AI score0.00457EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2023/05/24 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-6088-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.01677EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2023/05/17 10:30 p.m.51 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

9.1CVSS7AI score0.05994EPSS
Exploits9References909
Tenable Nessus
Tenable Nessus
added 2023/05/09 12:0 a.m.31 views

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2023-1800)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this...

7CVSS6.9AI score0.00457EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/04/26 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2023:2003-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.00457EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2023/04/21 12:0 a.m.38 views

Fedora 37 : runc (2023-1ba499965f)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1ba499965f advisory. Security fix for CVE-2023-27561 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7CVSS7AI score0.00457EPSS
Exploits1References3
Rows per page
Query Builder