57 matches found
CVE-2020-25039
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...
CVE-2020-25039
Removed by vendor...
CVE-2020-25039
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...
CVE-2020-25039
CVE-2020-25039 affects Sylabs Singularity from version 3.2.0 through 3.6.2, where insecure permissions on temporary directories used during fakeroot or user namespace container execution can allow read access to image contents. The issue is addressed in Singularity 3.6.3; openSUSE advisories HS i...
CVE-2020-25039
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution...
vulhub
It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not explicitly stated, but the environments are designed to demonstrate various types of vulnerabilities. The probable entry points are not specified, but the environments are...
Malicious Container Execution
github.com/opencontainers/runc is vulnerable to Malicious Container Execution. It does not properly perform the file-descriptor handling which allows a malicious user to overwrite the host runc binary and subsequently executing containers such as 1 a new container with an attacker-controlled imag...
ALPINE-CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: 1 a new container with an...
CVE-2018-10856
It has been discovered that podman does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container...
cri-o: capabilities are not dropped when switching to a non-root user
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
Privilege Context Switching Error
github.com/kubernetes-incubator/cri-o is susceptible to privilege context switching error. The vulnerability exists in handling ambient capabilities. During container execution, containers running with elevated privileges may allow a user with lower privilege to perform abilities they should not...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
Privilege escalation
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...
CVE-2018-1000400
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error CWE-270 vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via...