CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7815 matches found

Ubuntu•added 2021/03/15 10:14 p.m.•37 views

USN-4442-2: Sympa vulnerabilities

USN-4442-1 fixed vulnerabilities in Sympa. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 ESM and Ubuntu 20.04 ESM. Original advisory details: Nicolas Chatelain discovered that Sympa incorrectly handled environment variables. An attacker could possibly use this...

9.8CVSS7.6AI score0.03982EPSS

Exploits1

OSV•added 2021/03/15 10:14 p.m.•1 views

USN-4442-2 sympa vulnerabilities

9.8CVSS6.9AI score0.03982EPSS

Exploits1References4

Tenable Nessus•added 2021/03/15 12:0 a.m.•38 views

Fedora 33 : containerd (2021-470fa24f5b)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-470fa24f5b advisory. - In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation...

6.3CVSS6.4AI score0.02044EPSS

Exploits0References2

Tenable Nessus•added 2021/03/15 12:0 a.m.•28 views

Fedora 33 : 1:golang-github-containerd-cri (2021-10ce8fcbf1)

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-10ce8fcbf1 advisory. - In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through...

6.3CVSS6.4AI score0.02044EPSS

Exploits0References2

RedhatCVE•added 2021/03/11 8:1 p.m.•34 views

CVE-2021-21334

A flaw was found in containerd CRI plugin. Containers launched through containerd's CRI implementation that share the same image may receive incorrect environment variables, including values that are defined for other containers. The highest threat from this vulnerability is to data confidentiali...

6.3CVSS2.9AI score0.02044EPSS

Exploits0References3

NVD•added 2021/03/10 10:15 p.m.•19 views

CVE-2021-21334

In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service that share the same image may receive incorrect...

6.3CVSS0.02044EPSS

Exploits0References8

OSV•added 2021/03/10 10:15 p.m.•5 views

AZL-44910 CVE-2021-21334 affecting package cri-o 1.30.1-1

6.3CVSS6.5AI score0.02044EPSS

Exploits0References1

OSV•added 2021/03/10 10:15 p.m.•1 views

DEBIAN-CVE-2021-21334

6.3CVSS6.2AI score0.02044EPSS

Exploits0References1

OSV•added 2021/03/10 10:15 p.m.•21 views

CVE-2021-21334

6.3CVSS6.3AI score

Exploits0References8

ATTACKERKB•added 2021/03/10 10:15 p.m.•3 views

CVE-2021-21334

6.3CVSS5.3AI score0.02044EPSS

Exploits0References12Affected Software1

Prion•added 2021/03/10 10:15 p.m.•25 views

Design/Logic Flaw

4.3CVSS6.3AI score0.02044EPSS

Exploits0References8Affected Software2

Cvelist•added 2021/03/10 9:30 p.m.•22 views

CVE-2021-21334 environment variable leak

6.3CVSS6.7AI score0.02044EPSS

Exploits0References8

AlpineLinux•added 2021/03/10 9:30 p.m.•58 views

CVE-2021-21334

6.3CVSS6.6AI score0.02044EPSS

Exploits0

CVE•added 2021/03/10 9:30 p.m.•491 views

CVE-2021-21334

CVE-2021-21334 affects containerd’s CRI plugin: when multiple containers/pods are launched from the same image, containers may receive incorrect environment variables shared across them, potentially exposing sensitive data. The issue is fixed in containerd versions 1.3.10 and 1.4.4; affected envi...

6.3CVSS6.5AI score0.02044EPSS

Exploits0References8Affected Software1

Veracode•added 2021/03/10 2:40 a.m.•18 views

Information Disclosure

gradle-vagrant-plugin is vulnerable to information disclosure. The vulnerability exists as the values of environment variables are logged when environmentVariables are set, and when printCommandLineArgs in GDKExternalProcessExecutor.groovy is executed...

6.5CVSS3.1AI score0.01176EPSS

Exploits1References5Affected Software1

Tenable Nessus•added 2021/03/10 12:0 a.m.•21 views

EulerOS Virtualization 3.0.2.6 : perl (EulerOS-SA-2021-1446)

According to the version of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment...

7.5CVSS7AI score0.09007EPSS

Exploits0References2

OSV•added 2021/03/09 1:15 a.m.•14 views

CVE-2021-21361

The com.bmuschko:gradle-vagrant-plugin Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in public CI/CD, this can lead to sensitive credentials being exposed to malicious actors. This is fixe...

6.5CVSS6.2AI score

Exploits0References4

Prion•added 2021/03/09 1:15 a.m.•21 views

Information disclosure

3.3CVSS6.1AI score0.01176EPSS

Exploits1References4Affected Software1

Cvelist•added 2021/03/09 12:40 a.m.•17 views

CVE-2021-21361 Sensitive information disclosure via log in com.bmuschko:gradle-vagrant-plugin

5.3CVSS6.3AI score0.01176EPSS

Exploits1References4

OSV•added 2021/03/09 12:38 a.m.•38 views

GHSA-JPCM-4485-69P7 Sensitive information disclosure via log in com.bmuschko:gradle-vagrant-plugin

Impact The com.bmuschko:gradle-vagrant-plugin Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in public CI/CD, this can lead to sensitive credentials being exposed to malicious actors. Patch...

7.4CVSS6.3AI score0.01176EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by