17 matches found
RHCOS 4 : OpenShift Container Platform 4.6.58 (RHSA-2022:2263)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:2263 advisory. - psgo: Privilege escalation in 'podman top' CVE-2022-1227 Note that Nessus has not tested for this issue but has instead relied only on the...
The vulnerability of the `podman top` command implementation in the software for managing and launching OCI containers on Red Hat Enterprise Linux, RedOS, and the corporate platform Red Hat OpenShift Container Platform allows a malicious individual to gain unauthorized access to protected information, increase their privileges, or cause service failures.
The vulnerability of the podman top command in the software for managing and starting OCI containers on Red Hat Enterprise Linux, RedOS, and the corporate platform Red Hat OpenShift Container Platform is related to the loading of a malicious image into the public registry due to incorrect access...
CBL Mariner 2.0 Security Update: podman (CVE-2022-1227)
The version of podman installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-1227 advisory. - A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to...
RHEL 8 : container-tools:rhel8 (RHSA-2022:5622)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5622 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: psgo: Privilege...
psgo: Privilege escalation in 'podman top'
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
psgo: Privilege escalation in 'podman top'
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
psgo: Privilege escalation in 'podman top'
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem leading to information disclosure or denial of service.
...
psgo: Privilege escalation in 'podman top'
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
CentOS 8 : container-tools:3.0 (CESA-2022:2143)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:2143 advisory. - psgo: Privilege escalation in 'podman top' CVE-2022-1227 Note that Nessus has not tested for this issue but has instead relied only on the application's...
psgo: Privilege escalation in 'podman top'
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
psgo: Privilege escalation in 'podman top'
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
GHSA-66VW-V2X9-HW75 Podman publishes a malicious image to public registries
Podman is a tool for managing OCI containers and pods. A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman...
CVE-2022-1227
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
CVE-2022-1227
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...
CVE-2022-1227
CVE-2022-1227 describes a privilege-escalation flaw in Podman where an attacker could publish a malicious image to a public registry; when a victim downloads it, running the user command ‘podman top’ could grant access to the host filesystem, enabling information disclosure or DoS. The issue is t...
CVE-2022-1227
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to...