2674 matches found
NetworkManager bug fix and enhancement update
NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...
ALBA-2021:4061 NetworkManager bug fix and enhancement update
NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...
[SECURITY] Fedora 35 Update: moby-engine-20.10.9-1.fc35
Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they don'...
Moderate: Red Hat Enhancement Advisory: OpenShift Sandboxed Containers 1.1.0 update
An update to OpenShift sandboxed containers 1.1.0 is now available. OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional optional runtime. This advisory contains an update for OpenShift sandboxed...
Siemens SINEC NMS Path Traversal Vulnerability (CNVD-2021-77595)
SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks. A path traversal vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1 when exporting firmware containers. An attacker could exploit this vulnerability to create arbitrary files on...
Siemens SINEC NMS SQL Injection Vulnerability (CNVD-2021-77592)
SINEC NMS is a network management system from Siemens for monitoring and managing industrial networks. A SQL injection vulnerability exists in versions prior to SINEC NMS 1.0 SP2 Update 1, which could be exploited by an authenticated attacker to import firmware containers into the affected system...
CVE-2021-20264
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality,...
Design/Logic Flaw
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality,...
Exploit for Path Traversal in Apache Http_Server
PoC exploit for CVE-2021-41773, a vulnerability in the Apache HT...
CVE-2021-41091
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically /var/lib/docker) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traver...
OESA-2021-1359 cockpit security update
Cockpit makes GNU/Linux discoverable. See Linux server in a web browser and perform system tasks with a mouse. It’s easy to start containers, administer storage, configure networks, and inspect logs with this package. Security Fixes: Cockpit and its plugins do not seem to protect themselves against...
Moderate: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.6.0 security & bugfix update
The Migration Toolkit for Containers (MTC) 1.6.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Migration Toolkit For Containers Data Forgery Vulnerability
Red Hat Migration Toolkit For Containers (MTC) is a container migration toolkit from Red Hat, Inc. It provides a web console and API based on Kubernetes custom resources to help control migration and minimize application downtime. Migration Toolkit For Containers is vulnerable to a data...
Nextcloud: RCE on 17 different Docker containers on your network
Summary: I was able to get RCE on 17 different docker containers, ranging from postgres and some prod environments. Steps To Reproduce: I found that there was an unconfigured portainer.io service running on http://spreed-demo.nextcloud.com:9000 1. I created an administrator account with the login...
MGASA-2021-0412 Updated opencontainers-runc packages fix security vulnerability
runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition...
buf (>=0.1.0 <=0.2.1), i-o (>=0.1.0 <=0.4.1) +2 more potentially affected by CVE-2021-25907 via containers (>=0.1.1 <=0.8.5)
containers CARGO version =0.1.1, =0.1.0, =0.1.0, =0.13.0, =0.14.1 - lude =0.1.0 Source cves: CVE-2021-25907 Source advisory: OSV:GHSA-CV7X-6RC6-PQ5V...
GHSA-CV7X-6RC6-PQ5V Double free in containers
Upon panic in a user-provided function f, fn mutate & fn mutate2 drop the same object twice. Affected versions of this crate did not guard against double drop while temporarily duplicating an object's ownership with ptr::read. Dropping the same object twice can result in memory corruption. The flaw was...
Double free in containers
Upon panic in a user-provided function f, fn mutate & fn mutate2 drop the same object twice. Affected versions of this crate did not guard against double drop while temporarily duplicating an object's ownership with ptr::read. Dropping the same object twice can result in memory corruption. The flaw was...
Security Bulletin: Resilient App Host uses higher permissions than required for containers hosted on it.
Summary Resilient App Host uses higher permissions than required for containers hosted on it which may be exploited by a malicious application. Vulnerability Details CVEID: CVE-2021-29802 DESCRIPTION: IBM Security SOAR performs an operation at a privilege level that is higher than the minimum lev...