Lucene search
K

242 matches found

CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

Kata Containers 安全漏洞

Kata Containers is an open-source, lightweight virtual infrastructure building tool developed by the Kata Containers community. Versions of Kata Containers prior to 3.27.0 contained a security vulnerability. This vulnerability stemmed from issues during interactions with the Cloud Hypervisor, whi...

9.3CVSS6AI score0.00223EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.13 views

PT-2026-20867

Name of the Vulnerable Software and Affected Versions Kata Containers versions prior to 3.27.0 Description Kata Containers is an open source project focused on providing a standard implementation of lightweight Virtual Machines VMs that function like containers. A flaw in Kata with Cloud Hypervis...

9.9CVSS6.5AI score0.27661EPSS
Exploits45References122
OSV
OSV
added 2026/02/18 4:16 a.m.6 views

AZL-78120 CVE-2026-27171 affecting package kata-containers 3.19.1.kata2-6

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

5.5CVSS5.7AI score0.00204EPSS
Exploits1References1
OSV
OSV
added 2026/02/06 8:16 p.m.7 views

AZL-76994 CVE-2026-25727 affecting package kata-containers 3.19.1.kata2-4

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS5.7AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 10:16 p.m.7 views

AZL-76691 CVE-2026-25541 affecting package kata-containers 3.19.1.kata2-4

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

7.5CVSS5.6AI score0.00559EPSS
Exploits1References1
OSV
OSV
added 2026/01/29 6:16 p.m.6 views

AZL-75770 CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

10CVSS5.7AI score0.00438EPSS
Exploits1References1
NVD
NVD
added 2026/01/29 6:16 p.m.10 views

CVE-2026-24054

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

10CVSS0.00438EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/29 5:16 p.m.5 views

CVE-2026-24054

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/01/29 5:16 p.m.21 views

CVE-2026-24054

Kata Containers Runtime (kata-containers) versions prior to 3.26.0 are affected. When a container image is malformed or has no layers, containerd bind-mounts an empty snapshotter directory for the container rootfs; the Kata runtime then mounts rootfs and may detect it as a block device, causing t...

10CVSS5.8AI score0.00438EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/01/29 5:16 p.m.6 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions when the container image is malformed or contains no layers. An attacker can cause service disruption and induce filesystem errors by supplying a specially crafted container image...

10CVSS5.9AI score0.00438EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/29 5:16 p.m.30 views

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS0.00438EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/29 5:16 p.m.7 views

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References5
OSV
OSV
added 2026/01/29 5:16 p.m.4 views

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/29 5:16 p.m.7 views

EUVD-2026-4958

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

9.3CVSS5.8AI score0.00438EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.9 views

Kata Containers Code Issues and Vulnerabilities

Kata Containers is an open-source, lightweight virtual infrastructure building tool developed by the Kata Containers community. Versions of Kata Containers prior to 3.26.0 contained code vulnerabilities. These vulnerabilities stemmed from the backtracking of empty directories when handling...

10CVSS5.9AI score0.00438EPSS
Exploits1References6
CBLMariner
CBLMariner
added 2026/01/27 11:27 p.m.9 views

CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3

CVE-2026-24054 affecting package kata-containers for versions less than 3.19.1.kata2-3. A patched version of the package is available...

10CVSS5.9AI score0.00438EPSS
Exploits1
OSV
OSV
added 2026/01/26 8:16 p.m.5 views

AZL-75434 CVE-2025-11065 affecting package kata-containers 3.19.1.kata2-4

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.3AI score0.00357EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

Azure Linux 3.0 Security Update: kata-containers (CVE-2024-32650)

The version of kata-containers installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32650 advisory. - Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall int...

7.5CVSS5.6AI score0.00949EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: kata-containers (CVE-2020-25576)

The version of kata-containers installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-25576 advisory. - An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to...

9.8CVSS5.7AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

Azure Linux 3.0 Security Update: kata-containers (CVE-2022-23523)

The version of kata-containers installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-23523 advisory. - In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF...

5.5CVSS5.5AI score0.00207EPSS
Exploits0References2
Rows per page
Query Builder