2671 matches found
CVE-2021-37841
Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with...
Code injection
Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with...
CVE-2021-37841
Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server running the Windows containers, it can lead to a full container compromise in both process isolation and Hyper-V isolation modes. This security issue leads an attacker with...
[SECURITY] Fedora 34 Update: containernetworking-plugins-1.0.0-0.3.rc1.fc34
The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...
[SECURITY] Fedora 33 Update: podman-3.2.3-2.fc33
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
[SECURITY] Fedora 33 Update: containernetworking-plugins-1.0.0-0.3.rc1.fc33
The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform for Windows Containers 3.0.0 security and bug fix update
The components for Red Hat OpenShift Container Platform for Windows Containers 3.0.0 are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...
Security Bulletin: A security vulnerability was fixed in IBM Security Access Manager and IBM Security Verify Access Docker containers
Summary A security vulnerability was fixed in IBM Security Access Manager and IBM Security Verify Access Docker containers Vulnerability Details CVEID: CVE-2021-20439 DESCRIPTION: IBM Security Access Manager Docker stores user credentials in plain clear text which can be read by an unauthorized...
GO-2021-0100 Denial of service via deadlock in github.com/containers/storage
Due to a goroutine deadlock, using github.com/containers/storage/pkg/archive.DecompressStream on a xz archive returns a reader which will hang indefinitely when Close is called. An attacker can use this to cause denial of service if they are able to cause the caller to attempt to decompress an...
Fedora: Security Advisory for podman (FEDORA-2021-0c53d8738d)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for crun (FEDORA-2021-0c53d8738d)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for containers-common (FEDORA-2021-0c53d8738d)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: crun-0.20.1-1.fc33
crun is a runtime for running OCI containers...
[SECURITY] Fedora 33 Update: containernetworking-plugins-1.0.0-0.2.rc1.fc33
The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...
Important: Red Hat Bug Fix Advisory: Migration Toolkit for Containers (MTC) 1.4.6 release advisory
The Migration Toolkit for Containers MTC 1.4.6 is now available. The Migration Toolkit for Containers MTC enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes A...
DEBIAN-CVE-2021-32773
Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow...
runC: Container breakout
Background runC is a CLI tool for spawning and running containers according to the OCI specification. Description A vulnerability in runC could allow an attacker to achieve privilege escalation if specific mount configuration prerequisites are satisfied. Impact An attacker may be able to escalati...
CVE-2021-35360
A reflected cross site scripting XSS vulnerability in dotAdmin//c/containers of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload...
CVE-2021-35360
A reflected cross site scripting XSS vulnerability in dotAdmin//c/containers of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload...
Cross site scripting
A reflected cross site scripting XSS vulnerability in dotAdmin//c/containers of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload...