
2670 matches found

Veracode
added 2019/08/05 12:16 a.m. | 31 views

Arbitrary File Read

podman is vulnerable to arbitrary file read. The vulnerability exists because improper symlink resolution allows access to host files when executing podman cp on running containers...

CVSS: 7.2 | AI score: 4.7 | EPSS: 0.0046
Exploits: 0 | References: 10 | Affected Software: 1

Virtuozzo
added 2019/07/31 12:0 a.m. | 19 views

Kernel update: Virtuozzo ReadyKernel patch 84.1 for Virtuozzo 7.0.11

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernel 3.10.0-957.12.2.vz7.96.21 Virtuozzo 7.0.11. Vulnerability id: PSBM-95772 pcompact operation is much slower for the containers on Virtuozzo Storage than for the ones stored locally...

AI score: 2.5
Exploits: 0 | References: 1

OSV
added 2019/07/30 11:15 p.m. | 21 views

CVE-2019-10152

A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file...

CVSS: 7.2 | AI score: 6.6 | EPSS: 0.0046
Exploits: 0 | References: 5

Prion
added 2019/07/30 11:15 p.m. | 18 views

Path traversal

A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file...

CVSS: 2.6 | AI score: 6.8 | EPSS: 0.0046
Exploits: 0 | References: 5 | Affected Software: 2

Cvelist
added 2019/07/30 10:7 p.m. | 20 views

CVE-2019-10152

A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file...

CVSS: 7.5 | AI score: 7 | EPSS: 0.0046
Exploits: 0 | References: 5

CVE
added 2019/07/30 10:7 p.m. | 160 views

CVE-2019-10152

CVE-2019-10152 is a path traversal vulnerability in podman, where improper handling of symlinks inside containers (pre-1.4.0) allowed an attacker who had already compromised a container to cause host files to be read or written when copying between container and host. Multiple sources (GHSA advisory, openSUSE/S...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.0046
Exploits: 0 | References: 5 | Affected Software: 1

Debian CVE
added 2019/07/30 10:7 p.m. | 26 views

CVE-2019-10152

A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.0046
Exploits: 0

RedHat Linux
added 2019/07/29 4:18 p.m. | 6 views

podman: Improper symlink resolution allows access to host files when executing `podman cp` on running containers

A path traversal vulnerability has been discovered in podman in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.0046
Exploits: 0 | References: 4

RedHat Linux
added 2019/07/29 4:18 p.m. | 89 views

Moderate: Red Hat Security Advisory: podman security, bug fix, and enhancement update

An update for podman is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.0046
Exploits: 0 | References: 5

NVD
added 2019/07/23 2:15 p.m. | 13 views

CVE-2019-11723

A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.00807
Exploits: 0 | References: 7

Prion
added 2019/07/23 2:15 p.m. | 19 views

Design/Logic Flaw

A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...

CVSS: 5 | AI score: 7.6 | EPSS: 0.00807
Exploits: 0 | References: 7 | Affected Software: 2

Debian CVE
added 2019/07/23 1:17 p.m. | 25 views

CVE-2019-11723

A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...

CVSS: 7.5 | AI score: 8.9 | EPSS: 0.00807
Exploits: 0

CVE
added 2019/07/23 1:17 p.m. | 237 views

CVE-2019-11723

CVE-2019-11723 affects Mozilla Firefox prior to version 68, where during add-on installation the initial fetch ignored origin attributes of the browsing context, potentially leaking cookies in private browsing or across Firefox Multi-Account Containers. The issue is documented in multiple sources...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.00807
Exploits: 0 | References: 7 | Affected Software: 1

OpenVAS
added 2019/07/20 12:0 a.m. | 17 views

Fedora Update for virt-bootstrap FEDORA-2019-2084f9e721

The remote host is missing an update for the ...

CVSS: 7.8 | AI score: 7.6 | EPSS: 0.00568
Exploits: 1 | References: 2

Fedora
added 2019/07/18 8:33 p.m. | 19 views

[SECURITY] Fedora 29 Update: virt-bootstrap-1.1.1-1.fc29

Provides a way to create the root file system to use for libvirt containers...

CVSS: 7.8 | AI score: 3.3 | EPSS: 0.00568
Exploits: 1

Fedora
added 2019/07/18 5:56 p.m. | 26 views

[SECURITY] Fedora 30 Update: virt-bootstrap-1.1.1-1.fc30

Provides a way to create the root file system to use for libvirt containers...

CVSS: 7.8 | AI score: 3.3 | EPSS: 0.00568
Exploits: 1

UbuntuCve
added 2019/07/11 12:0 a.m. | 28 views

CVE-2019-11723

A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.00807
Exploits: 0 | References: 3

OSV
added 2019/07/11 12:0 a.m. | 0 views

UBUNTU-CVE-2019-11723

A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.00807
Exploits: 0 | References: 4

Virtuozzo
added 2019/06/20 12:0 a.m. | 96 views

Important kernel security update: New kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7 and Server Bare Metal 5.0 based on the RHEL 6.10 kernel 2.6.32-754.15.3.el6. The new kernel inherits security fixes for SACK-related issues in the TCP stack as well as a few improvements for the MDS...

CVSS: 7.8 | AI score: 8.1 | EPSS: 0.98745
Exploits: 4 | References: 6

Fedora
added 2019/06/15 1:21 a.m. | 40 views

[SECURITY] Fedora 29 Update: containernetworking-plugins-0.7.5-1.fc29

The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resourc ...

CVSS: 7.5 | AI score: 2.7 | EPSS: 0.03119
Exploits: 0