Lucene search
K

349 matches found

CVE
CVE
added 2021/10/04 12:0 a.m.515 views

CVE-2021-41103

CVE-2021-41103 affects containerd and stems from insufficiently restricted permissions on container root directories and some plugins, enabling unprivileged host users to traverse directories, read/modify files, and potentially execute programs (including those with extended permission bits). The...

7.8CVSS6.8AI score0.00482EPSS
Exploits0References7Affected Software1
The Hacker News
The Hacker News
added 2021/09/10 5:7 a.m.75 views

Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances ACI services that could have been weaponized by a malicious actor "to access other customers' information" in what the researchers described as the "first cross-account container takeover in the public...

9.3CVSS0.5AI score0.9857EPSS
Exploits33
OSV
OSV
added 2021/08/10 7:58 p.m.3 views

USN-4867-1 runc vulnerabilities

It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. CVE-2019-16884 Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious...

8.5CVSS6.8AI score0.06604EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2021/08/09 12:33 p.m.89 views

USN-5032-2: Docker vulnerabilities

USN-5032-1 fixed vulnerabilities in Docker. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: Several vulnerabilities were fixed in Docker. This update provides a new upstream version that fixed them...

5.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/07/20 12:0 a.m.47 views

Ubuntu 18.04 LTS / 20.04 LTS : containerd vulnerabilities (USN-5012-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5012-1 advisory. It was discovered that containerd incorrectly handled file permission changes. If a user or automated system were tricked into launching a specially...

6.8CVSS6.4AI score0.01608EPSS
Exploits2References2
CVE
CVE
added 2021/07/19 12:0 a.m.532 views

CVE-2021-32760

CVE-2021-32760 affects containerd prior to 1.4.8 and 1.5.4. A crafted container image could cause Unix file permission changes on host files when pulling/extracting, potentially denying access, widening permissions, or setting bits like setuid/setgid/sticky. The flaw does not directly unlock read...

6.8CVSS6AI score0.01608EPSS
Exploits2References5Affected Software1
Debian CVE
Debian CVE
added 2021/07/19 12:0 a.m.31 views

CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

6.8CVSS6.3AI score0.01608EPSS
Exploits2
OSV
OSV
added 2021/06/13 9:32 p.m.6 views

MGASA-2021-0248 Updated docker-containerd packages fix security vulnerability

In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service that share the same image may receive incorrect...

6.3CVSS6.4AI score0.02044EPSS
Exploits0References3
OSV
OSV
added 2021/06/12 11:2 a.m.4 views

OESA-2021-1215 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly...

8.5CVSS6.8AI score0.06604EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/05/26 6:6 a.m.73 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.5.40 security and bug fix update

Red Hat OpenShift Container Platform release 4.5.40 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.5CVSS6.7AI score0.06604EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/05/26 12:0 a.m.21 views

RHEL 7 / 8 : OpenShift Container Platform 4.6.30 (RHSA-2021:1566)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1566 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

8.5CVSS7.4AI score0.06604EPSS
Exploits0References6
OSV
OSV
added 2021/05/24 5:0 p.m.27 views

GHSA-36XW-FX78-C5R4 containerd-shim API Exposed to Host Network Containers

Impact Access controls for the shim’s API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID...

5.2CVSS5.4AI score0.03236EPSS
Exploits4References8
Rapid7 Blog
Rapid7 Blog
added 2021/04/08 1:27 p.m.60 views

Kubernetes Namespaces Are Not as Secure as You Think

In a previous article, we described how the usage of namespaces in Kubernetes significantly simplifies the management of a Kubernetes cluster. However, managing multiple microservices on the same cluster comes with a security cost when not planned correctly. A common misconception around namespac...

6.7AI score
Exploits0
Fedora
Fedora
added 2021/03/15 1:20 a.m.55 views

[SECURITY] Fedora 33 Update: containerd-1.4.4-1.fc33

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Lin ux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervisio...

6.3CVSS2.6AI score0.02044EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.29 views

Fedora 33 : 1:golang-github-containerd-cri (2021-10ce8fcbf1)

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-10ce8fcbf1 advisory. - In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through...

6.3CVSS6.4AI score0.02044EPSS
Exploits0References2
CVE
CVE
added 2021/03/10 9:30 p.m.492 views

CVE-2021-21334

CVE-2021-21334 affects containerd’s CRI plugin: when multiple containers/pods are launched from the same image, containers may receive incorrect environment variables shared across them, potentially exposing sensitive data. The issue is fixed in containerd versions 1.3.10 and 1.4.4; affected envi...

6.3CVSS6.5AI score0.02044EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2021/03/01 12:0 a.m.30 views

Debian: Security Advisory (DSA-4865-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.4AI score0.03287EPSS
Exploits5References4
Fedora
Fedora
added 2020/12/10 1:15 a.m.48 views

[SECURITY] Fedora 33 Update: containerd-1.4.3-1.fc33

Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Lin ux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervisio...

5.2CVSS2.6AI score0.03236EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2020/12/03 12:0 a.m.37 views

Oracle Linux 7 : containerd (ELSA-2020-5964)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-5964 advisory. - Addresses CVE-2020-15257 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not test...

5.2CVSS6.4AI score0.03236EPSS
Exploits4References2
NVD
NVD
added 2020/12/01 3:15 a.m.20 views

CVE-2020-15257

containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that the connecting...

5.2CVSS5.6AI score0.03236EPSS
Exploits4References6
Rows per page
Query Builder