Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 4: crun (TSSA-2024:0811)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0811 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.2CVSS7.5AI score0.01418EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/14 3:42 p.m.19 views

Security Bulletin: Vulnerability in CRI-O affects watsonx.data

Summary CRI-O could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an arbitrary systemd property injection. This could affect watsonx.data. Vulnerability Details CVEID:CVE-2024-3154 DESCRIPTION: CRI-O could allow a remote authenticated attacker to...

7.2CVSS7.7AI score0.01418EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/05/31 11:8 a.m.3 views

OESA-2024-1688 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary actio...

7.2CVSS6.8AI score0.01418EPSS
Exploits0References2
OSV
OSV
added 2024/04/30 9:39 a.m.20 views

GHSA-2CGQ-H8XW-2V5J CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...

7.2CVSS7.1AI score0.01418EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/04/30 9:39 a.m.38 views

CRI-O vulnerable to an arbitrary systemd property injection

Impact On CRI-O, it looks like an arbitrary systemd property can be injected via a Pod annotation: --- apiVersion: v1 kind: Pod metadata: name: poc-arbitrary-systemd-property-injection annotations: I believe that ExecStart with an arbitrary command works here too, but I haven't figured out how to...

7.2CVSS7.2AI score0.01418EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2024/04/24 11:14 p.m.2 views

SUSE CVE-2024-3154

A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system...

7.2CVSS6.9AI score0.01418EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/04/23 11:35 a.m.41 views

CVE-2024-3154

A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system...

7.2CVSS6.7AI score0.01418EPSS
Exploits0References6
Rows per page
Query Builder