Ubuntu: Security Advisory (USN-74-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

PT-2022-37506 · Apptainer +3 · Apptainer +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned as vulnerable in the provided descriptions. Description: The issue concerns updates for permissions that fix several problems, including the starter-suid location in apptainer, removal of...

Information Disclosure

dompdf/dompdf is vulnerable to information disclosure. The vulnerability exists because the resource URI validations are not properly handled which allows an attacker to bypass chroot checks and gain access to image files in the system...

Dompdf before v2.0.0 vulnerable to chroot check bypass

Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files...

GHSA-5QJ8-6XXJ-HP9H Dompdf before v2.0.0 vulnerable to chroot check bypass

Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files...

PT-2022-16401

Name of the Vulnerable Software and Affected Versions dompdf versions prior to 2.0.0 Description The issue concerns a chroot check bypass that could lead to the disclosure of png and jpeg files. It allows for external control of file name or path in the GitHub repository dompdf/dompdf...

GHSA-V2CV-WWXQ-QQ97 Moby Docker cp broken with debian containers

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

Arbitrary Code Execution

apport is vulnerable to arbitrary code execution. The vulnerability exists beause it does not disable python crash handler before entering chroot which allows an attacker to inject arbitrary codes...

UBUNTU-CVE-2022-28657

Apport does not disable python crash handler before entering chroot...

CVE-2022-28657

Apport does not disable python crash handler before entering chroot...

PT-2022-19147 · Apport +2 · Apport +2

Name of the Vulnerable Software and Affected Versions: Apport affected versions not specified Description: The issue is related to Apport not disabling the python crash handler before entering chroot. This could potentially lead to unintended consequences, although specific details about the impa...

Canonical Apport 安全特征问题漏洞

Canonical Apport is a toolkit from Canonical UK for collecting and feeding back error messages information that the operating system finds useful when an application crashes. Canonical Apport suffers from a security signature issue vulnerability that stems from a system where Apport does not...

Canonical Apport 安全漏洞

Canonical Apport is a toolkit from Canonical UK for collecting and feeding back error messages information that the operating system finds useful when an application crashes. A security vulnerability exists in Canonical Apport that stems from a system where Apport does not disable the python cras...

Ansible Sandbox Escape via Symlink Attack

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

AlmaLinux 8 : container-tools:3.0 (ALSA-2021:4222)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4222 advisory. buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 Tenable has extracted the preceding description block...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2021:4154)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4154 advisory. buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 containers/storage: DoS via malicious image...

openSUSE 15 Security Update : conmon, libcontainers-common, libseccomp, podman (openSUSE-SU-2022:23018-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:23018-1 advisory. - An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API o...

AZL-39837 CVE-2021-3602 affecting package cri-o for versions less than 1.21.7-2

An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN commands can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment,...