CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2119 matches found

OSV•added 2023/03/03 7:15 p.m.•32 views

CVE-2023-27561

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because...

7CVSS7.1AI score

Exploits0References10

OSV•added 2023/03/03 7:15 p.m.•4 views

AZL-25574 CVE-2023-27561 affecting package moby-runc for versions less than 1.1.5-1

7CVSS6.8AI score0.00146EPSS

Exploits1References1

NVD•added 2023/03/03 7:15 p.m.•31 views

CVE-2023-27561

7CVSS7.3AI score0.00146EPSS

Exploits1References10

OSV•added 2023/03/03 7:15 p.m.•1 views

DEBIAN-CVE-2023-27561

7CVSS6.2AI score0.00146EPSS

Exploits1References1

UbuntuCve•added 2023/03/03 7:15 p.m.•39 views

CVE-2023-27561

7CVSS6.7AI score0.00146EPSS

Exploits1References6

OSV•added 2023/03/03 7:15 p.m.•1 views

UBUNTU-CVE-2023-27561

7CVSS6.8AI score0.00146EPSS

Exploits1References7

Cvelist•added 2023/03/03 12:0 a.m.•24 views

CVE-2023-27561

7.5AI score0.00146EPSS

Exploits1References9

Vulnrichment•added 2023/03/03 12:0 a.m.•30 views

CVE-2023-27561

7AI score0.00146EPSS

Exploits1References9

CVE•added 2023/03/03 12:0 a.m.•471 views

CVE-2023-27561

CVE-2023-27561 affects runc; a race condition in volume mounts between two containers with shared mounts can enable an escalation of privileges via libcontainer/rootfs_linux.go. The issue is a regression of CVE-2019-19921 and requires two containers with custom volume-mount configurations and cus...

7CVSS6.8AI score0.00146EPSS

Exploits1References10Affected Software1

AlpineLinux•added 2023/03/03 12:0 a.m.•66 views

CVE-2023-27561

7CVSS7.6AI score0.00146EPSS

Exploits1

CNNVD•added 2023/03/03 12:0 a.m.•3 views

runc 安全漏洞

runc is a CLI Command Line Interface tool for generating and running containers according to the OCI specification. A security vulnerability exists in runc version 1.1.4 and earlier versions that stems from incorrect access control. An attacker can exploit the vulnerability to escalate privileges...

7CVSS7AI score0.00146EPSS

Exploits1References17

Debian CVE•added 2023/03/03 12:0 a.m.•50 views

CVE-2023-27561

7CVSS6.4AI score0.00146EPSS

Exploits1

Rockylinux•added 2023/02/22 1:8 a.m.•21 views

container-tools:4.0 bug fix update

An update is available for module.cockpit-podman, module.fuse-overlayfs, conmon, module.conmon, libslirp, podman, module.udica, module.container-selinux, buildah, crun, module.runc, slirp4netns, oci-seccomp-bpf-hook, module.python-podman, module.buildah, fuse-overlayfs, module.criu,...

0.5AI score

Exploits0

Rockylinux•added 2023/02/22 1:8 a.m.•9 views

container-tools:3.0 bug fix and enhancement update

An update is available for module.cockpit-podman, module.fuse-overlayfs, conmon, module.conmon, libslirp, podman, module.udica, module.container-selinux, buildah, crun, module.runc, slirp4netns, oci-seccomp-bpf-hook, module.buildah, fuse-overlayfs, module.criu, containernetworking-plugins,...

1AI score

Exploits0

F5 Networks•added 2023/02/21 7:56 p.m.•86 views

K46421255: Docker privilege elevation vulnerability CVE-2019-5736

Security Advisory Description runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: 1 a...

9.3CVSS7.5AI score0.59178EPSS

Exploits33

F5 Networks•added 2023/02/21 6:29 p.m.•31 views

K33820305: runc vulnerability CVE-2021-30465

Security Advisory Description runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack th...

8.5CVSS6.7AI score0.01473EPSS

Exploits0

Tenable Nessus•added 2023/02/21 12:0 a.m.•36 views

Debian dla-3322 : golang-github-opencontainers-selinux-dev - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3322 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3322-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS7.1AI score0.0032EPSS

Exploits1References4

Positive Technologies•added 2023/02/20 12:0 a.m.•2 views

PT-2023-3588 · Runc +8 · Runc +8

Name of the Vulnerable Software and Affected Versions: runc versions 1.0.0-rc95 through 1.1.4 Description: The issue is related to the libcontainer/rootfs linux.go component of the runc tool, which is used for running isolated containers. It allows an attacker to exploit incorrect access control,...

9.8CVSS6.3AI score0.02514EPSS

Exploits5References185

Tenable Nessus•added 2023/02/16 12:0 a.m.•49 views

Rocky Linux 8 : container-tools:rhel8 (RLSA-2022:7457)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7457 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 whe...

7.8CVSS7.5AI score0.00498EPSS

Exploits2References59

SUSE CVE•added 2023/02/15 4:54 a.m.•2 views

SUSE CVE-2016-9962

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...

6.4CVSS9.7AI score0.00077EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by