4 matches found
EUVD-2025-33556
Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated had the right key...
EUVD-2024-45562
Malicious code in bioql PyPI...
CVE-2025-58354 Kata Containers coco-tdx malicious host can circumvent initdata verification
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In Kata Containers versions from 3.20.0 and before, a malicious host can circumvent initdata verification. On TDX systems running confidential guests, ...
CVE-2025-58354
Kata Containers prior to 3.21.0 are affected. On TDX systems with confidential guests, a malicious host can bypass initdata verification, allowing the attacker to launch arbitrary workloads while maintaining valid trustee attestation to impersonate benign workloads. The issue has been fixed in Ka...