Lucene search
K

464 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-8676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that...

7.4CVSS7AI score0.00773EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2023-28642

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the...

7.8CVSS7.1AI score0.00343EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-3602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN...

5.5CVSS6.3AI score0.00327EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-25809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes...

6.3CVSS7.1AI score0.00327EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2020-14370

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible...

5.3CVSS6.1AI score0.01402EPSS
Exploits0References2
NVD
NVD
added 2025/02/19 5:15 p.m.13 views

CVE-2025-24965

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS0.00533EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/12 12:0 a.m.4 views

NVIDIA Container Toolkit 安全漏洞

NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. Allows users to build and run GPU-accelerated containers. A security vulnerability exists in NVIDIA Container Toolkit versions prior to 24.9.2, which stems from the inclusion of a time-of-check time-of-use TOCTOU vulnerability when...

8.3CVSS8.9AI score0.03577EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/02/11 12:0 a.m.10 views

RHEL 9 : buildah (RHSA-2025:1295)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1295 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...

8.6CVSS7.3AI score0.00358EPSS
Exploits0References4
Wiz blog
Wiz blog
added 2025/02/10 1:29 p.m.10 views

Our Container Security AMA: You asked, Wiz answered

Check out the top comments and responses from our recent containers AMA...

7.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 11:39 p.m.8 views

CVE-2022-41739

IBM Spectrum Scale IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 could allow programs running inside the container to overcome isolation mechanism and gain additional capabilities or access sensitive information on the host. IBM X-Force ID: 237815...

8.4CVSS6.2AI score0.00199EPSS
Exploits0References1
OSV
OSV
added 2025/01/10 7:54 p.m.7 views

MGASA-2025-0004 Updated opencontainers-runc packages fix security vulnerability

runc 1.1.13 and earlier as well as 1.2.0-rc2 and earlier can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with os.MkdirAll. While this can be used to create empty files, existing...

3.6CVSS4.2AI score0.00317EPSS
Exploits0References3
Mageia
Mageia
added 2025/01/10 7:54 p.m.16 views

Updated opencontainers-runc packages fix security vulnerability

runc 1.1.13 and earlier as well as 1.2.0-rc2 and earlier can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers and exploiting a race with os.MkdirAll. While this can be used to create empty files, existing...

3.6CVSS6.8AI score0.00317EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/09 2:11 p.m.21 views

CVE-2022-22491 IBM App Connect Enterprise Certified Container denial of service

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red Hat OpenShift do not restrict writing to the local filesystem, which may result in exhausting the...

5.5CVSS0.0016EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/01/07 12:0 a.m.5 views

Trend Micro Contributes and Maps Container Security to MITRE ATT&CK: A Game-Changer for Cyber Defense

Trend Micro leads the way by mapping its Container Security detection capabilities to the MITRE ATT&CK framework for Containers and contributing real-world attack data...

7.3AI score
Exploits0
Wolfi
Wolfi
added 2024/12/18 9:15 p.m.131 views

CVE-2024-45338 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-firehose, kbld, aws-efs-csi-driver, crossplane-provider-azure-managedidentity, crossplane-provider-aws-kms, kubernetes, crossplane-provider-aws, argo-rollouts, crossplane-provider-aws-s3, prometheus-pushgateway, crossplane-provider-gcp,...

5.3CVSS6.7AI score0.00874EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.7 views

EulerOS 2.0 SP11 : docker-runc (EulerOS-SA-2024-2965)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

3.6CVSS6.7AI score0.00317EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.20 views

EulerOS 2.0 SP11 : docker-runc (EulerOS-SA-2024-2979)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and...

3.6CVSS6.7AI score0.00317EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/12/05 1:1 a.m.3 views

runc: file descriptor leak

A file descriptor leak issue was found in the runc package. While a user performs OCLOEXEC all file descriptors before executing the container code, the file descriptor is open when performing setcwd2, which means that the reference can be kept alive in the container by configuring the working...

8.6CVSS7AI score0.18087EPSS
Exploits18References6
CNNVD
CNNVD
added 2024/12/05 12:0 a.m.4 views

LXD 安全漏洞

LXD is a Canonical open source container for managing applications on Linux-based systems. A security vulnerability exists in LXD versions prior to 5.21.2 that stems from the ability to bypass PKI mode if a client's certificate exists in a trust store...

3.8CVSS6.3AI score0.00158EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2024/11/13 6:55 p.m.4 views

buildah: Buildah allows arbitrary directory mount

A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...

7.8CVSS7.3AI score0.00392EPSS
Exploits0References4
Rows per page
Query Builder