242 matches found
CVE-2025-5791 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7
CVE-2025-5791 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7. A patched version of the package is available...
CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7
CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7. A patched version of the package is available...
Azure Linux 3.0 Security Update: kata-containers / kata-containers-cc / rpm-ostree (CVE-2024-27308)
The version of kata-containers / kata-containers-cc / rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27308 advisory. - Mio is a Metal I/O library for Rust. When using named pipes on...
Azure Linux 3.0 Security Update: kata-containers / kata-containers-cc (CVE-2025-5791)
The version of kata-containers / kata-containers-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5791 advisory. - A flaw was found in the user's crate for Rust. This vulnerability allows...
CBL Mariner 2.0 Security Update: kata-containers / kata-containers-cc (CVE-2025-5791)
The version of kata-containers / kata-containers-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5791 advisory. - A flaw was found in the user's crate for Rust. This vulnerability allows...
Important: Red Hat Security Advisory: Red Hat OpenShift sandboxed containers release
Release of Red Hat OpenShift sandboxed containers. Red Hat OpenShift sandboxed containers, based on the Kata Containers project...
AZL-66008 CVE-2024-58266 affecting package kata-containers 3.2.0.azl2-7
The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...
AZL-65556 CVE-2025-53605 affecting package kata-containers for versions less than 3.19.1.kata2-1
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
AZL-65574 CVE-2025-53605 affecting package kata-containers 3.2.0.azl2-7
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
AZL-65577 CVE-2025-53605 affecting package kata-containers-cc 3.2.0.azl2-8
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
AZL-63848 CVE-2025-5791 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
CBL Mariner 2.0 Security Update: cloud-hypervisor / kata-containers / kata-containers-cc (CVE-2023-50711)
The version of cloud-hypervisor / kata-containers / kata-containers-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50711 advisory. - vmm-sys-util is a collection of modules that provides helpe...
Azure Linux 3.0 Security Update: cloud-hypervisor / kata-containers / kata-containers-cc (CVE-2023-50711)
The version of cloud-hypervisor / kata-containers / kata-containers-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50711 advisory. - vmm-sys-util is a collection of modules that provides helpe...
CVE-2020-27151
An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted access rights to a cluster will be able to have kata-runtime execute arbitrary binaries as root on th...
AZL-61855 CVE-2025-4574 affecting package kata-containers for versions less than 3.18.0.kata0-1
In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption...
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8
CVE-2023-44487 affecting package kata-containers for versions less than 3.1.0-8. A patched version of the package is available...
CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2
CVE-2023-44487 affecting package kata-containers-cc for versions less than 0.6.1-2. A patched version of the package is available...
CVE-2023-39325 affecting package kata-containers for versions less than 3.2.0.azl4-1
CVE-2023-39325 affecting package kata-containers for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-39325 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1
CVE-2023-39325 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl4-1
CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...