K000141393: Containerd vulnerability CVE-2021-41103

Security Advisory Description containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux...

GLSA-202401-31 : containerd: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-31 containerd: Multiple Vulnerabilities - containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Uni...

Siemens SCALANCE LPE9403 Path Traversal (CVE-2021-41103)

A vulnerability was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permissi...

Amazon Linux 2 : containerd (ALASECS-2023-027)

The version of containerd installed on the remote host is prior to 1.4.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2023-027 advisory. containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in...

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2021-41190 DESCRIPTION: Open Container Initiative Distribution Specification could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when a Content-Type...

CBL Mariner 2.0 Security Update: moby-containerd (CVE-2021-41103)

The version of moby-containerd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-41103 advisory. - containerd is an open source container runtime with an emphasis on simplicity, robustness and...

Ubuntu: Security Advisory (USN-5521-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Release of containers for OSP 16.2.z director operator tech preview

Red Hat OpenStack Platform 16.2 Train director operator containers, with several Important security fixes, are available for technology preview. Release osp-director-operator images Security Fixes: CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read important CVE-2021-41103...

USN-5521-1: containerd vulnerabilities

It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute program...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-1926)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : containerd (ALASNITRO-ENCLAVES-2022-016)

The version of containerd installed on the remote host is prior to 1.4.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2022-016 advisory. containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug wa...

Amazon Linux 2 : containerd (ALASDOCKER-2022-016)

The version of containerd installed on the remote host is prior to 1.4.6-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2022-016 advisory. containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found ...

CVE-2021-41103 affecting package moby-containerd for versions less than 1.4.4+azure-4

CVE-2021-41103 affecting package moby-containerd for versions less than 1.4.4+azure-4. A patched version of the package is available...

Amazon Linux 2 : containerd (ALAS-2022-016) (deprecated)

This plugin has been deprecated following detection of an issue with overlapping filenames. Deprecated by al2ALASDOCKER-2022-016.nasl plugin ID 160406 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux 2 Security Advisory...

Medium: containerd

Issue Overview: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-1251)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-1239)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for containerd, (openSUSE-SU-2022:0334-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES15 Security Update : containerd, docker (SUSE-SU-2022:0334-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0334-1 advisory. - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempting ...

SUSE: Security Advisory (SUSE-SU-2022:0334-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...