Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2 days ago5 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-113 (ALASNITRO-ENCLAVES-2026-113)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-113 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE:...

9.4CVSS6.1AI score0.00229EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2 days ago5 views

Amazon Linux 2 : containerd, --advisory ALAS2ECS-2026-128 (ALASECS-2026-128)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-128 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE:...

9.4CVSS6.1AI score0.00229EPSS
Exploits0References12
Amazon
Amazon
added 3 days ago6 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

9.4CVSS6AI score0.00229EPSS
Exploits0
Amazon
Amazon
added 3 days ago5 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

9.4CVSS6AI score0.00229EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : containerd vulnerabilities (USN-8472-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8472-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibl...

9.4CVSS6.3AI score0.00781EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 6 days ago3 views

Ubuntu 25.10 / 26.04 LTS : containerd-stable vulnerabilities (USN-8473-1)

The remote Ubuntu 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8473-1 advisory. It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd...

9.4CVSS6.3AI score0.00781EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 1:18 p.m.4 views

USN-8472-1 containerd-app vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.4CVSS6.4AI score0.00781EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2026/06/25 1:18 p.m.8 views

USN-8472-1: containerd vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.4CVSS6.4AI score0.00781EPSS
Exploits0
OSV
OSV
added 2026/06/25 1:14 p.m.8 views

USN-8473-1 containerd-stable vulnerabilities

It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. CVE-2026-33814 Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handle...

9.4CVSS6.4AI score0.00781EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

Containerd 2.1.x < 2.1.9 / 2.2.x < 2.2.5 / 2.3.x < 2.3.2 Multiple Vulnerabilities

The version of Containerd on the remote host is 2.1.x prior to 2.1.9, 2.2.x prior to 2.2.5, or 2.3.x prior to 2.3.2. It is, therefore, affected by multiple vulnerabilities: - containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references...

8.4CVSS6AI score
Exploits0References6
Snyk
Snyk
added 2026/03/27 5:8 p.m.1 views

Improper Validation of Integrity Check Value

Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value inadequate validation of the combined fingerprint during image downloads from simplestreams servers. An attacker can cause users to deploy malicious images by providing manipulated image file...

7.7CVSS6.1AI score0.0018EPSS
Exploits1References2
OSV
OSV
added 2026/03/26 11:16 p.m.1 views

UBUNTU-CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2026/03/26 10:32 p.m.3 views

CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References1
OSV
OSV
added 2026/03/26 10:32 p.m.5 views

CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.9AI score0.0018EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.8 views

Incus 信任管理问题漏洞

Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 6.23.0 had a vulnerability related to trust management. This vulnerability stemmed from the lack of image fingerprint verification during the download from the simplestreams image server, which...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References2
NVD
NVD
added 2024/12/06 5:15 p.m.14 views

CVE-2024-54143

openwrt/asu is an image on demand server for OpenWrt based distributions. The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious...

9.3CVSS0.01867EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.3 views

SUSE CVE-2014-8178

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands...

5.5CVSS7AI score0.00493EPSS
Exploits0References6
OSV
OSV
added 2019/12/17 2:15 p.m.5 views

CVE-2014-8178

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands...

5.5CVSS7.3AI score
Exploits0References6
Prion
Prion
added 2019/12/17 2:15 p.m.18 views

Command injection

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands...

1.9CVSS6.7AI score0.00493EPSS
Exploits0References5Affected Software3
Rows per page
Query Builder