CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

139 matches found

OSV•added 2022/09/13 2:15 p.m.•26 views

CVE-2022-2990

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

7.1CVSS7AI score

Exploits0References2

UbuntuCve•added 2022/09/13 2:15 p.m.•55 views

CVE-2022-2990

7.1CVSS7AI score0.00322EPSS

Exploits1References5

OSV•added 2022/09/13 2:15 p.m.•0 views

UBUNTU-CVE-2022-2989

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

7.1CVSS5.9AI score0.00298EPSS

Exploits1References5

Cvelist•added 2022/09/13 1:44 p.m.•30 views

CVE-2022-2990

7.5AI score0.00322EPSS

Exploits1References2

CVE•added 2022/09/13 1:44 p.m.•401 views

CVE-2022-2990

CVE-2022-2990 (Buildah): The issue stems from incorrect handling of supplementary groups inside a container, which, if an attacker has direct container access and can execute code, may enable information disclosure or data modification. Affected: Buildah/container tools relying on supplementary g...

7.1CVSS7.1AI score0.00322EPSS

Exploits1References2Affected Software1

AlpineLinux•added 2022/09/13 1:44 p.m.•61 views

CVE-2022-2990

7.1CVSS7.4AI score0.00322EPSS

Exploits1

CVE•added 2022/09/13 1:41 p.m.•336 views

CVE-2022-2989

CVE-2022-2989 affects Podman and is caused by incorrect handling of supplementary groups inside a container, enabling potential information disclosure or data modification when an attacker has direct container access and can execute code. Connected documents confirm affected Podman versions older...

7.1CVSS7.1AI score0.00298EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2022/09/13 1:41 p.m.•4 views

CVE-2022-2989

6.9AI score0.00298EPSS

Exploits1References2

Debian CVE•added 2022/09/13 1:41 p.m.•35 views

CVE-2022-2989

7.1CVSS5.8AI score0.00298EPSS

Exploits1

RedhatCVE•added 2022/08/26 5:40 a.m.•42 views

CVE-2022-2995

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...

3.6CVSS2.2AI score0.0036EPSS

Exploits1References4

RedhatCVE•added 2022/08/25 2:10 p.m.•49 views

CVE-2022-2990

7.1CVSS2.1AI score0.00322EPSS

Exploits1References4

OpenVAS•added 2022/07/29 12:0 a.m.•9 views

Fedora: Security Advisory for podman (FEDORA-2022-482b42705f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

Exploits0References2

Fedora•added 2022/07/28 1:28 a.m.•19 views

[SECURITY] Fedora 36 Update: podman-4.1.1-3.fc36

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

7.7AI score

Exploits0

OpenVAS•added 2022/07/21 12:0 a.m.•10 views

Fedora: Security Advisory for podman (FEDORA-2022-3e1ade35db)

7.5AI score

Exploits0References2

Ubuntu•added 2022/07/14 1:5 a.m.•116 views

USN-5518-1: Linux kernel vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPFBTFLOAD commands. A privileged local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-0500 It was discovered tha...

7.8CVSS7.2AI score0.00545EPSS

Exploits2

Ubuntu•added 2022/07/13 7:3 p.m.•110 views

USN-5514-1: Linux kernel vulnerabilities

It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-1195...

7.5CVSS6.9AI score0.01492EPSS

Exploits3

Fedora•added 2022/07/13 2:0 a.m.•35 views

[SECURITY] Fedora 36 Update: podman-4.1.1-2.fc36

9.3CVSS9.1AI score0.05292EPSS

Exploits4

OpenVAS•added 2022/05/15 12:0 a.m.•28 views

Fedora: Security Advisory for podman (FEDORA-2022-5e637f6cc6)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS10AI score0.03974EPSS

Exploits2References2

Fedora•added 2022/05/14 1:24 a.m.•65 views

[SECURITY] Fedora 34 Update: podman-3.4.7-1.fc34

8.8CVSS10AI score0.05994EPSS

Exploits2

Fedora•added 2022/05/07 4:47 a.m.•38 views

[SECURITY] Fedora 36 Update: podman-4.0.3-1.fc36

7.5CVSS10AI score0.05994EPSS

Exploits0

Rows per page