2671 matches found
CVE-2021-31213
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability...
Remote code execution
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability...
CVE-2021-31213 Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
...
CVE-2021-31213
CVE-2021-31213 affects the Visual Studio Code Remote Containers Extension. The vulnerability is a remote code execution weakness in the extension prior to version 0.177.1, exploitable by convincing a user to open specially crafted content. Impact is arbitrary code execution with the victim’s priv...
Visual Studio Code Remote Containers Extension Remote Code Execution Vulnerability
...
Microsoft Visual Studio Code 代码注入漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Visual Studio Code. The following products and versions are affected: Visual Studio Code Remote - Containers Extension...
PT-2021-3056 · Microsoft · Visual Studio Code +1
Name of the Vulnerable Software and Affected Versions: Visual Studio Code Remote Containers Extension affected versions not specified Description: The issue is related to incorrect code generation management in the Visual Studio Code editor. Exploitation of this issue may allow a remote attacker ...
Security Update for Microsoft Visual Studio Code Remote Containers Extension (May 2021)
The Microsoft Visual Studio Code Remote Containers Extension is prior to version 0.177.1. It is, therefore, affected by a remote code execution vulnerability. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the...
Improper Locking in github.com/containers/storage
A deadlock vulnerability was found in github.com/containers/storage in versions before 1.28.1. When a container image is processed, each layer is unpacked using tar. If one of those layers is not a valid tar archive this causes an error leading to an unexpected situation where the code indefinite...
GHSA-7QW8-847F-PGGM Improper Locking in github.com/containers/storage
A deadlock vulnerability was found in github.com/containers/storage in versions before 1.28.1. When a container image is processed, each layer is unpacked using tar. If one of those layers is not a valid tar archive this causes an error leading to an unexpected situation where the code indefinite...
MITRE ATT&CK for Containers: Why It Matters
The complexity of containers demands something to make sense of it all. Builders, operations teams and security teams need a single language to understand the risk associated with containers...
Center for Threat-Informed Defense teams up with Microsoft, partners to build the ATT&CK® for Containers matrix
The MITRE ATT&CK® for Containers matrix was published today, establishing an industry knowledge base of attack techniques associated with containerization and related technologies that are increasingly more ubiquitous in the current computing landscape. Microsoft is happy to have contributed and...
Fedora: Security Advisory for containers-common (FEDORA-2021-ec00da7faa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for crun (FEDORA-2021-ec00da7faa)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for crun (FEDORA-2021-83b3740389)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for containers-common (FEDORA-2021-83b3740389)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for singularity (FEDORA-2021-e49f5e66f8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 34 Update: runc-1.0.0-377.rc93.fc34
The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...
containers/storage: DoS via malicious image
A deadlock vulnerability was found in github.com/containers/storage. When a container image is processed, each layer is unpacked using tar. If one of those layers is not a valid tar archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar...
KubiScan - A Tool To Scan Kubernetes Cluster For Risky Permissions
A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control RBAC authorization model. The tool was published as part of the "Securing Kubernetes Clusters by Eliminating Risky Permissions" research...