Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2118 matches found

SUSE CVE
SUSE CVEadded 2023/03/30 1:44 a.m.1 views

SUSE CVE-2023-25809

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

2.5CVSS6.9AI score0.00037EPSS
Exploits1References14
SUSE CVE
SUSE CVEadded 2023/03/30 1:44 a.m.1 views

SUSE CVE-2023-28642

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

6.1CVSS6.8AI score0.00012EPSS
Exploits0References14
NVD
NVDadded 2023/03/29 7:15 p.m.16 views

CVE-2023-25809

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3CVSS7.2AI score0.00037EPSS
Exploits1References2
OSV
OSVadded 2023/03/29 7:15 p.m.4 views

AZL-25851 CVE-2023-25809 affecting package moby-runc for versions less than 1.1.5-1

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3CVSS6.7AI score0.00037EPSS
Exploits1References1
OSV
OSVadded 2023/03/29 7:15 p.m.1 views

DEBIAN-CVE-2023-28642

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

7.8CVSS6.6AI score0.00012EPSS
Exploits0References1
OSV
OSVadded 2023/03/29 7:15 p.m.1 views

DEBIAN-CVE-2023-25809

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3CVSS6.5AI score0.00037EPSS
Exploits1References1
OSV
OSVadded 2023/03/29 7:15 p.m.4 views

AZL-25850 CVE-2023-28642 affecting package moby-runc for versions less than 1.1.5-1

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

7.8CVSS6.7AI score0.00012EPSS
Exploits0References1
NVD
NVDadded 2023/03/29 7:15 p.m.16 views

CVE-2023-28642

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

7.8CVSS7.2AI score0.00012EPSS
Exploits0References3
OSV
OSVadded 2023/03/29 7:15 p.m.0 views

UBUNTU-CVE-2023-25809

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3CVSS6.8AI score0.00037EPSS
Exploits1References6
Prion
Prionadded 2023/03/29 7:15 p.m.25 views

Design/Logic Flaw

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

4.3CVSS6.8AI score0.00037EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2023/03/29 7:15 p.m.2 views

UBUNTU-CVE-2023-28642

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

7.8CVSS6.8AI score0.00012EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2023/03/29 6:22 p.m.3 views

CVE-2023-25809 rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

5CVSS7AI score0.00037EPSS
Exploits1References2
CVE
CVEadded 2023/03/29 6:22 p.m.401 views

CVE-2023-25809

CVE-2023-25809 affects runc (rootless and certain host configurations) where rootless runc can make /sys/fs/cgroup writable under two conditions: 1) inside a user namespace without unsharing cgroup namespace (e.g., docker/podman/nerdctl run --cgroupns=host), or 2) outside the user namespace with ...

6.3CVSS6.6AI score0.00037EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVEadded 2023/03/29 6:22 p.m.40 views

CVE-2023-25809

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3CVSS7.1AI score0.00037EPSS
Exploits1
AlpineLinux
AlpineLinuxadded 2023/03/29 6:22 p.m.53 views

CVE-2023-25809

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

6.3CVSS6.9AI score0.00037EPSS
Exploits1
OSV
OSVadded 2023/03/29 6:22 p.m.22 views

CVE-2023-25809 rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

5CVSS6.8AI score0.00037EPSS
Exploits1References4
Cvelist
Cvelistadded 2023/03/29 6:22 p.m.24 views

CVE-2023-25809 rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc

runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup...

5CVSS7.2AI score0.00037EPSS
Exploits1References2
AlpineLinux
AlpineLinuxadded 2023/03/29 6:15 p.m.41 views

CVE-2023-28642

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

7.8CVSS7.8AI score0.00012EPSS
Exploits0
Debian CVE
Debian CVEadded 2023/03/29 6:15 p.m.30 views

CVE-2023-28642

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

7.8CVSS7AI score0.00012EPSS
Exploits0
Cvelist
Cvelistadded 2023/03/29 6:15 p.m.21 views

CVE-2023-28642 AppArmor bypass with symlinked /proc in runc

runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when /proc inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked /proc...

6.1CVSS7.9AI score0.00012EPSS
Exploits0References2
Rows per page
Query Builder