Lucene search
K

41 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/31 12:0 a.m.48 views

GLSA-202401-31 : containerd: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-31 containerd: Multiple Vulnerabilities - containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Uni...

7.8CVSS6.9AI score0.27392EPSS
Exploits6References13
Tenable Nessus
Tenable Nessus
added 2023/11/16 12:0 a.m.52 views

Amazon Linux 2 : containerd (ALASECS-2023-029)

The version of containerd installed on the remote host is prior to 1.4.6-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2023-029 advisory. A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file...

6.8CVSS6.3AI score0.01608EPSS
Exploits2References4
Amazon
Amazon
added 2023/11/16 12:0 a.m.6 views

Medium: containerd

Issue Overview: A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to...

6.8CVSS6.7AI score0.01608EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2023/10/19 10:22 p.m.78 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh for 2.4.4 security update

An update is now available for Red Hat OpenShift Service Mesh 2.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS7.1AI score0.99999EPSS
Exploits22References12
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.46 views

Ubuntu: Security Advisory (USN-5521-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.27392EPSS
Exploits6References2
Ubuntu
Ubuntu
added 2022/07/15 1:48 p.m.85 views

USN-5521-1: containerd vulnerabilities

It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute program...

7.8CVSS7AI score0.27392EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2022/07/07 12:0 a.m.36 views

Oracle Linux 7 : containerd (ELSA-2021-15790)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-15790 advisory. - Address CVE-2021-32760 docker-cli - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine Tenable has extracted the preceding...

6.8CVSS6.4AI score0.01608EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2022/06/22 12:0 a.m.60 views

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2022-1926)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container...

7.8CVSS6.3AI score0.02209EPSS
Exploits3References5
OpenVAS
OpenVAS
added 2022/06/22 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-1926)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.02209EPSS
Exploits3References2
RedHat Linux
RedHat Linux
added 2022/05/11 11:33 a.m.67 views

Moderate: Red Hat Security Advisory: Release of containers for OSP 16.2.z director operator tech preview

Red Hat OpenStack Platform 16.2 Train director Operator containers are available for technology preview. Release osp-director-operator images Security Fixes: golang: kubernetes: YAML parsing vulnerable to "Billion Laughs" attack, allowing for remote CVE-2019-11253 golang: golang-github-miekg-dns:...

7.5CVSS6.7AI score0.25939EPSS
Exploits9References7
Tenable Nessus
Tenable Nessus
added 2022/04/20 12:0 a.m.57 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-1501)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In containerd an industry-standard container runtime before version 1.2.14 there is a credential leaking vulnerability. If a container...

6.8CVSS6.1AI score0.02209EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2022/04/20 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-1501)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.9AI score0.02209EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2022/04/20 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-1482)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.9AI score0.02209EPSS
Exploits3References2
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.22 views

CVE-2021-32760 affecting package moby-containerd for versions less than 1.4.4+azure-4

CVE-2021-32760 affecting package moby-containerd for versions less than 1.4.4+azure-4. A patched version of the package is available...

6.8CVSS6.8AI score0.01608EPSS
Exploits2
Amazon
Amazon
added 2021/11/18 12:0 a.m.4 views

Medium: containerd

Issue Overview: A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to...

6.8CVSS6.7AI score0.01608EPSS
Exploits2
Amazon
Amazon
added 2021/11/18 12:0 a.m.6 views

Medium: containerd

Issue Overview: A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to...

6.8CVSS6.7AI score0.01608EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2021/11/01 12:0 a.m.49 views

openSUSE 15 Security Update : containerd, docker, runc (openSUSE-SU-2021:1404-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1404-1 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be...

8.5CVSS6.9AI score0.06604EPSS
Exploits5References23
OPENSUSE Linux
OPENSUSE Linux
added 2021/10/31 12:0 a.m.70 views

Security update for containerd, docker, runc (important)

openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:1404-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...

8.4CVSS6.7AI score0.06604EPSS
Exploits5References10
OPENSUSE Linux
OPENSUSE Linux
added 2021/10/25 12:0 a.m.70 views

Security update for containerd, docker, runc (important)

openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:3506-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...

8.4CVSS6.7AI score0.06604EPSS
Exploits5References10
Tenable Nessus
Tenable Nessus
added 2021/10/13 12:0 a.m.50 views

SUSE SLES12 Security Update : containerd, docker, runc (SUSE-SU-2021:3336-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3336-1 advisory. Docker was updated to 20.10.9-ce. bsc1191355 See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md. CVE-2021-41092...

8.5CVSS6.8AI score0.06604EPSS
Exploits5References22
Rows per page
Query Builder