Lucene search
K

269 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.3 views

RockyLinux 10 : buildah (RLSA-2025:22012)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:22012 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 golang: archive/tar: Unbounded...

7.5CVSS7AI score0.00523EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.3 views

RockyLinux 8 : container-tools:4.0 (RLSA-2023:6938)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:6938 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handli...

9.8CVSS6.5AI score0.04561EPSS
Exploits2References33
Rockylinux
Rockylinux
added 2025/11/28 9:14 a.m.8 views

buildah security update

An update is available for buildah. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The buildah package provides a tool for facilitating building OCI container...

7.5CVSS7AI score0.00523EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2025/11/27 11:8 a.m.9 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.53 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

8.4CVSS7.1AI score0.0067EPSS
Exploits4References4
RedHat Linux
RedHat Linux
added 2025/11/25 5:3 a.m.7 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
Redos
Redos
added 2025/11/25 12:0 a.m.5 views

ROS-20251125-13

A vulnerability in the maskedPaths feature of the isolated container runc tool is related to the runc state that allows link tracking. Exploitation of the vulnerability could allow an attacker to Affect the confidentiality, integrity and availability of protected information...

7.8CVSS6.7AI score0.0067EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.2 views

RHEL 10 : buildah (RHSA-2025:22012)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22012 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...

7.5CVSS7AI score0.00523EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.4 views

AlmaLinux 10 : podman (ALSA-2025:21220)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21220 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

7.5CVSS7AI score0.00523EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.2 views

RockyLinux 10 : podman (RLSA-2025:21220)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:21220 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects CVE-2025-52881 Tenable has extracted the preceding...

7.5CVSS7.1AI score0.00523EPSS
Exploits1References3
OSV
OSV
added 2025/11/21 6:19 p.m.5 views

RLSA-2025:21220 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

8.2CVSS6.9AI score0.00523EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/11/21 6:19 p.m.4 views

podman security update

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

7.5CVSS7AI score0.00523EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 3: container-tools:rhel8 (TSSA-2022:0110)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0110 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.3CVSS7.5AI score0.9857EPSS
Exploits38References12
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 3: container-tools:rhel8 (TSSA-2024:0103)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0103 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.6CVSS7AI score0.18087EPSS
Exploits18References2
Tenable Nessus
Tenable Nessus
added 2025/11/19 12:0 a.m.5 views

AlmaLinux 9 : runc (ALSA-2025:20957)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:20957 advisory. runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/conso...

8.4CVSS7AI score0.0067EPSS
Exploits4References5
OSV
OSV
added 2025/11/18 3:44 p.m.5 views

GO-2025-4097 Container escape with malicious config due to /dev/console mount and related races in github.com/opencontainers/runc

Container escape with malicious config due to /dev/console mount and related races in github.com/opencontainers/runc...

8.4CVSS6.8AI score0.00523EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2025/11/18 12:16 a.m.3 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
AlmaLinux
AlmaLinux
added 2025/11/18 12:0 a.m.10 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

7.5CVSS6.4AI score0.00523EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/11/13 10:51 a.m.5 views

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

8.4CVSS5.7AI score0.00523EPSS
Exploits1References5
Veracode
Veracode
added 2025/11/13 5:57 a.m.6 views

Improper File Access

runc is vulnerable to improper file access. The vulnerability is due to insufficient validation of write targets in /proc during concurrent container execution with shared mounts, which allows an attacker to exploit race conditions and redirect writes to unintended procfs files...

7.5CVSS7.1AI score0.00523EPSS
Exploits1References22Affected Software5
OSV
OSV
added 2025/11/13 12:0 a.m.5 views

ALSA-2025:21232 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 runc: container escape with malicious config due to /dev/console mount and...

8.4CVSS6.8AI score0.0067EPSS
Exploits4References8
Rows per page
Query Builder