Lucene search
K

349 matches found

OpenVAS
OpenVAS
added 2023/03/17 12:0 a.m.28 views

Fedora: Security Advisory for containerd (FEDORA-2023-05b39bc048)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.00542EPSS
Exploits1References2
Fedora
Fedora
added 2023/03/16 6:33 p.m.66 views

[SECURITY] Fedora 37 Update: containerd-1.6.19-1.fc37

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

7.8CVSS7.1AI score0.00542EPSS
Exploits1
Fedora
Fedora
added 2023/03/16 6:20 p.m.43 views

[SECURITY] Fedora 36 Update: containerd-1.6.19-1.fc36

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

7.8CVSS7.1AI score0.00542EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/03/16 12:0 a.m.36 views

Fedora 36 : containerd (2023-aadd08ab96)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-aadd08ab96 advisory. Update containerd to 1.16.19 - Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2 - Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p Tenable has extracted...

7.8CVSS7AI score0.00542EPSS
Exploits1References3
Fedora
Fedora
added 2023/03/11 4:7 a.m.43 views

[SECURITY] Fedora 38 Update: containerd-1.6.19-1.fc38

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

7.8CVSS7.1AI score0.00542EPSS
Exploits1
CNNVD
CNNVD
added 2023/03/03 12:0 a.m.3 views

runc 安全漏洞

runc is a CLI Command Line Interface tool for generating and running containers according to the OCI specification. A security vulnerability exists in runc version 1.1.4 and earlier versions that stems from incorrect access control. An attacker can exploit the vulnerability to escalate privileges...

7CVSS7AI score0.00448EPSS
Exploits1References17
AlpineLinux
AlpineLinux
added 2023/02/16 2:9 p.m.57 views

CVE-2023-25173

containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be ab...

7.8CVSS7.2AI score0.00542EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2023/02/16 12:0 a.m.358 views

CVE-2023-25173

containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be ab...

7.8CVSS6.7AI score0.00542EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:4 a.m.2 views

SUSE CVE-2016-3697

libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container...

7.8CVSS7.2AI score0.00388EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.3 views

SUSE CVE-2022-0532

An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace...

4.9CVSS4.6AI score0.00756EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:33 a.m.3 views

SUSE CVE-2022-1708

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...

6.8CVSS6.7AI score0.02827EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2022/12/30 12:0 a.m.31 views

Fedora: Security Advisory for containerd (FEDORA-2022-db674bafd9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.08519EPSS
Exploits0References2
Fedora
Fedora
added 2022/12/29 1:16 a.m.46 views

[SECURITY] Fedora 36 Update: containerd-1.6.14-2.fc36

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

7.5CVSS6.6AI score0.08519EPSS
Exploits0
OSV
OSV
added 2022/12/17 11:4 a.m.3 views

OESA-2022-2143 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

6.5CVSS7.4AI score0.01022EPSS
Exploits0References2
OSV
OSV
added 2022/12/07 11:15 p.m.5 views

AZL-11585 CVE-2022-23471 affecting package moby-containerd for versions less than 1.6.12-3

containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, f...

6.5CVSS6.6AI score0.01022EPSS
Exploits0References1
OSV
OSV
added 2022/11/11 12:3 a.m.45 views

GHSA-VP35-85Q5-9F25 Container build can leak any path on the host into the container

Description Moby is the open source Linux container runtime and set of components used to build a variety of downstream container runtimes, including Docker CE, Mirantis Container Runtime formerly Docker EE, and Docker Desktop. Moby allows for building container images using a set of build...

7.5AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:43 a.m.4 views

cri-o: memory exhaustion on the node when access to the kube api

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...

7.8CVSS6.6AI score0.02827EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.5 views

CRI-O 安全漏洞

CRI-O is a lightweight container runtime environment for the Kubernetes system. CRI-O suffers from a security vulnerability that stems from the fact that it allows an attacker with programmatic access to inheritable file features to elevate those features to the allowed set when running execve2...

5.3CVSS5.6AI score0.00212EPSS
Exploits0References9
Fedora
Fedora
added 2022/09/20 12:17 a.m.23 views

[SECURITY] Fedora 37 Update: containerd-1.6.8-4.fc37

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

7.5AI score
Exploits0
Fedora
Fedora
added 2022/09/16 12:18 a.m.40 views

[SECURITY] Fedora 37 Update: containerd-1.6.8-2.fc37

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

6.3CVSS6.8AI score0.00807EPSS
Exploits0
Rows per page
Query Builder