Moderate: containernetworking-plugins security update
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
CVE-2024-45313 Insecure default setting for Server Pro installed via Overleaf toolkit
Overleaf is a web-based collaborative LaTeX editor. When installing Server Pro using the Overleaf Toolkit from before 2024-07-17 or legacy docker-compose.yml from before 2024-08-28, the configuration for LaTeX compiles was insecure by default, requiring the administrator to enable the security...
CVE-2024-45313
Summary: CVE-2024-45313 affects Overleaf Server Pro when installed via the Overleaf Toolkit or legacy docker-compose deployments prior to mid-2024. By default, LaTeX compiles could access the sharelatex container resources (filesystem, network, environment variables) if security features were not...
PT-2024-31565 · Overleaf · Overleaf Server Pro
Name of the Vulnerable Software and Affected Versions: Overleaf Server Pro versions prior to 2024-07-17; Overleaf Server Pro using legacy docker-compose.yml versions prior to 2024-08-28. Description: Overleaf is a web-based collaborative LaTeX editor. When installing Server Pro using the Overleaf...
FreeBSD : forgejo -- The scope of application tokens was not verified when writing containers or Conan packages. (eb437e17-66a1-11ef-ac08-75165d18d8d2)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the eb437e17-66a1-11ef-ac08-75165d18d8d2 advisory. The forgejo team reports: The scope of application tokens was not verified when writing containers or...
Low: Red Hat Security Advisory: OpenShift Virtualization 4.15.5 Images
Red Hat OpenShift Virtualization release 4.15.5 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which giv...
A vulnerability in the aeson JSON parsing and encoding library, related to insufficient encryption strength, allows attackers to cause a denial of service.
The vulnerability in the aeson JSON parsing and encoding library is related to the creation of collisions in the underlying unordered-containers library by sending specially crafted JSON data. Exploiting this vulnerability can allow a remote attacker to cause a denial of service...
AZL-48330 CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linux_raw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::read_more, this can cause quick and...
AZL-48333 CVE-2024-43806 affecting package kata-containers for versions less than 3.2.0.azl4-1
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linux_raw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::read_more, this can cause quick and...
forgejo -- The scope of application tokens was not verified when writing containers or Conan packages.
The forgejo team reports: The scope of application tokens was not verified when writing containers or Conan packages. This is of no consequence when the user associated with the application token does not have write access to packages. If the user has write access to packages, such a token can be...
(RHSA-2024:5749) Moderate: Red Hat OpenShift for Windows Containers 10.16.1 product release
Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers...
(RHSA-2024:5745) Moderate: Red Hat OpenShift for Windows Containers 10.15.3 product release
Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers...
GO-2022-0828 Path Traversal in Buildah in github.com/containers/buildah
Path Traversal in Buildah in github.com/containers/buildah...
GO-2022-0784 containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd
containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerd...
GO-2022-0416 Podman's default inheritable capabilities for linux container not empty in github.com/containers/podman
Podman's default inheritable capabilities for linux container not empty in github.com/containers/podman...
GO-2022-0363 Sysctls applied to containers with host IPC or host network namespaces can affect the host in github.com/cri-o/cri-o
Sysctls applied to containers with host IPC or host network namespaces can affect the host in github.com/cri-o/cri-o...
Rocky Linux 8 : container-tools:rhel8 (RLSA-2024:5258)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394); golang: net/http: memory exhaustion in...
GO-2023-1927 Podman Path Traversal Vulnerability leads to arbitrary file read/write in github.com/containers/podman
Podman Path Traversal Vulnerability leads to arbitrary file read/write in github.com/containers/podman...
kernel: Reserved fields in guest message responses may not be zero initialized
A flaw was found in some AMD CPUs where the guest message responses have not been zero-initialized. This issue may allow a local attacker with the ability to run arbitrary code on a container or virtual machine to discover sensitive information contained in the host system's memory...