Lucene search
K

1037 matches found

OSV
OSV
added 2022/08/27 12:15 p.m.1 views

DEBIAN-CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

4.3CVSS4.8AI score0.00815EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/27 11:30 a.m.28 views

CVE-2022-2787 stricter rules on chroot names

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

4.9AI score0.00815EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-2419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.05421EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-74-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/18 12:0 a.m.3 views

CVE-2022-2787

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session...

4.3CVSS5.9AI score0.00815EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/08/03 12:0 a.m.4 views

PT-2022-37506 · Apptainer +3 · Apptainer +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned as vulnerable in the provided descriptions. Description: The issue concerns updates for permissions that fix several problems, including the starter-suid location in apptainer, removal of...

7AI score
Exploits0References5
Veracode
Veracode
added 2022/07/19 8:37 a.m.30 views

Information Disclosure

dompdf/dompdf is vulnerable to information disclosure. The vulnerability exists because the resource URI validations are not properly handled which allows an attacker to bypass chroot checks and gain access to image files in the system...

5.3CVSS5.3AI score0.00913EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2022/07/19 12:0 a.m.258 views

GHSA-5QJ8-6XXJ-HP9H Dompdf before v2.0.0 vulnerable to chroot check bypass

Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files...

5.3CVSS6.8AI score0.00913EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/07/19 12:0 a.m.32 views

Dompdf before v2.0.0 vulnerable to chroot check bypass

Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files...

5.3CVSS3.2AI score0.00913EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/18 12:0 a.m.3 views

PT-2022-16401

Name of the Vulnerable Software and Affected Versions dompdf versions prior to 2.0.0 Description The issue concerns a chroot check bypass that could lead to the disclosure of png and jpeg files. It allows for external control of file name or path in the GitHub repository dompdf/dompdf...

9.8CVSS8AI score0.04556EPSS
Exploits2References35
OSV
OSV
added 2022/05/24 4:51 p.m.25 views

GHSA-V2CV-WWXQ-QQ97 Moby Docker cp broken with debian containers

In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...

9.8CVSS9.2AI score0.18828EPSS
Exploits3References11
Veracode
Veracode
added 2022/05/18 5:37 p.m.20 views

Arbitrary Code Execution

apport is vulnerable to arbitrary code execution. The vulnerability exists beause it does not disable python crash handler before entering chroot which allows an attacker to inject arbitrary codes...

7.8CVSS3.9AI score0.00228EPSS
Exploits0References3Affected Software3
UbuntuCve
UbuntuCve
added 2022/05/17 6:0 p.m.31 views

CVE-2022-28657

Apport does not disable python crash handler before entering chroot...

7.8CVSS7.1AI score0.00228EPSS
Exploits0References3
OSV
OSV
added 2022/05/17 6:0 p.m.3 views

UBUNTU-CVE-2022-28657

Apport does not disable python crash handler before entering chroot...

7.8CVSS7.1AI score0.00228EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.6 views

PT-2022-19147 · Apport +2 · Apport +2

Name of the Vulnerable Software and Affected Versions: Apport affected versions not specified Description: The issue is related to Apport not disabling the python crash handler before entering chroot. This could potentially lead to unintended consequences, although specific details about the impa...

7.8CVSS6.5AI score0.00384EPSS
Exploits0References26
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.56 views

Canonical Apport 安全特征问题漏洞

Canonical Apport is a toolkit from Canonical UK for collecting and feeding back error messages information that the operating system finds useful when an application crashes. Canonical Apport suffers from a security signature issue vulnerability that stems from a system where Apport does not...

7.8CVSS7.7AI score0.00228EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/05/17 12:0 a.m.29 views

Canonical Apport 安全漏洞

Canonical Apport is a toolkit from Canonical UK for collecting and feeding back error messages information that the operating system finds useful when an application crashes. A security vulnerability exists in Canonical Apport that stems from a system where Apport does not disable the python cras...

5.5CVSS6.1AI score0.00199EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2022/05/13 1:54 a.m.22 views

Ansible Sandbox Escape via Symlink Attack

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack...

7.8CVSS6.5AI score0.00443EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.104 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2021:4154)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4154 advisory. buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 containers/storage: DoS via malicious image...

7.1CVSS7.3AI score0.01587EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/03/11 12:0 a.m.42 views

AlmaLinux 8 : container-tools:3.0 (ALSA-2021:4222)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4222 advisory. buildah: Host environment variables leaked in build container when using chroot isolation CVE-2021-3602 Tenable has extracted the preceding description block...

5.5CVSS6.1AI score0.00327EPSS
Exploits0References2
Rows per page
Query Builder