SUSE CVE-2017-7418

ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass th...

SUSE CVE-2019-14271

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

SUSE CVE-2020-5221

In uftpd before 2.11, it is possible for an unauthenticated user to perform a directory traversal attack using multiple different FTP commands and read and write to arbitrary locations on the filesystem due to the lack of a well-written chroot jail in composeabspath. This has been fixed in versio...

SUSE CVE-2020-20277

There are multiple unauthenticated directory traversal vulnerabilities in different FTP commands in uftpd FTP server versions 2.7 to 2.10 due to improper implementation of a chroot jail in common.c's composeabspath function that can be abused to read or write to arbitrary files on the filesystem,...

SUSE CVE-2021-3602

An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN commands can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment,...

schroot: Denial of Service

Background schroot is a utility to execute commands in a chroot environment. Description schroot is unecessarily permissive in rules regarding chroot and session names. Impact A crafted chroot or session name can break the internal state of the schroot service, leading to denial of service...

SUSE SLES15 Security Update : libcontainers-common (SUSE-SU-2022:3312-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3312-1 advisory. - An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlin...

DEBIAN-CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

CVE-2022-2787 stricter rules on chroot names

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

Ubuntu: Security Advisory (USN-74-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

PT-2022-37506 · Apptainer +3 · Apptainer +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned as vulnerable in the provided descriptions. Description: The issue concerns updates for permissions that fix several problems, including the starter-suid location in apptainer, removal of...

Information Disclosure

dompdf/dompdf is vulnerable to information disclosure. The vulnerability exists because the resource URI validations are not properly handled which allows an attacker to bypass chroot checks and gain access to image files in the system...

Dompdf before v2.0.0 vulnerable to chroot check bypass

Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files...

GHSA-5QJ8-6XXJ-HP9H Dompdf before v2.0.0 vulnerable to chroot check bypass

Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files...

PT-2022-16401

Name of the Vulnerable Software and Affected Versions dompdf versions prior to 2.0.0 Description The issue concerns a chroot check bypass that could lead to the disclosure of png and jpeg files. It allows for external control of file name or path in the GitHub repository dompdf/dompdf...

GHSA-V2CV-WWXQ-QQ97 Moby Docker cp broken with debian containers

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

Arbitrary Code Execution

apport is vulnerable to arbitrary code execution. The vulnerability exists beause it does not disable python crash handler before entering chroot which allows an attacker to inject arbitrary codes...

CVE-2022-28657

Apport does not disable python crash handler before entering chroot...