Lucene search
K

146 matches found

Chainguard
Chainguard
added 2025/11/02 1:49 p.m.5 views

GHSA-RJCG-56PH-3QVG vulnerabilities

Vulnerabilities for packages: kpt, cilium, xeol-fips, nvidia-nsight-compute-12.9, prometheus-elasticsearch-exporter, blob-csi, configmap-reload-fips, runc, kubernetes-dashboard-auth-fips, velero-plugin-for-csi-fips, restic, kube-bench, gostatsd, sriov-network-device-plugin, vexctl, conftest-fips,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.10 views

CVE-2025-58189 vulnerabilities

Vulnerabilities for packages: kpt, cilium, xeol-fips, nvidia-nsight-compute-12.9, prometheus-elasticsearch-exporter, blob-csi, configmap-reload-fips, runc, kubernetes-dashboard-auth-fips, velero-plugin-for-csi-fips, restic, kube-bench, gostatsd, sriov-network-device-plugin, vexctl, conftest-fips,...

5.3CVSS6.7AI score0.00443EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.9 views

CVE-2025-61724 vulnerabilities

Vulnerabilities for packages: kpt, cilium, xeol-fips, nvidia-nsight-compute-12.9, prometheus-elasticsearch-exporter, blob-csi, configmap-reload-fips, runc, kubernetes-dashboard-auth-fips, velero-plugin-for-csi-fips, restic, kube-bench, gostatsd, sriov-network-device-plugin, vexctl, conftest-fips,...

5.3CVSS6.7AI score0.00526EPSS
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.7 views

GHSA-CXQ7-XW9V-RCV3 vulnerabilities

Vulnerabilities for packages: kpt, cilium, xeol-fips, nvidia-nsight-compute-12.9, prometheus-elasticsearch-exporter, blob-csi, configmap-reload-fips, runc, kubernetes-dashboard-auth-fips, velero-plugin-for-csi-fips, restic, kube-bench, gostatsd, sriov-network-device-plugin, vexctl, conftest-fips,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.6 views

GHSA-9GCR-GP5F-JW27 vulnerabilities

Vulnerabilities for packages: kpt, cilium, xeol-fips, nvidia-nsight-compute-12.9, prometheus-elasticsearch-exporter, blob-csi, configmap-reload-fips, runc, kubernetes-dashboard-auth-fips, velero-plugin-for-csi-fips, restic, kube-bench, gostatsd, sriov-network-device-plugin, vexctl, conftest-fips,...

5.9AI score
Exploits0
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.3 views

Astra Linux – Vulnerability in libpod

There is a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file is stored in a Secret or a ConfigMap volume, and such volumes contain symbolic links to host file paths. In a successful attack, the attacker can control only the target...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/10/16 11:3 a.m.5 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1950

Malicious code in bioql PyPI...

9.9CVSS8.8AI score0.00641EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27030

Malicious code in bioql PyPI...

8.1CVSS6.2AI score0.01008EPSS
Exploits0References13
OSV
OSV
added 2025/10/03 3:35 p.m.6 views

CLSA-2025-1759505734 podman: Fix of CVE-2025-9566

CVE-2025-9566: fix kube play vulnerability that allows following volume symlinks onto the host filesystem. Prevent symlink-based host escapes in ConfigMap and Secret volumes...

8.1CVSS7.2AI score0.01008EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/09/25 5:15 a.m.7 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/09/23 6:32 p.m.4 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/09/23 4:48 p.m.11 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/09/23 2:6 p.m.3 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
Chainguard
Chainguard
added 2025/09/20 1:30 p.m.6 views

GHSA-GWRF-JF3H-W649 vulnerabilities

Vulnerabilities for packages: kubernetes-dashboard-fips, nvidia-nsight-compute-12.9, karpenter, secrets-store-csi-driver-provider-aws-fips, k8sgpt-operator, configmap-reload-fips, mattmoor-chainit, git-lfs, sftpgo-plugin-geoipfilter, falco, blobfuse2, gostatsd, vexctl, openbao-k8s-fips,...

5.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/09/17 3:50 p.m.1 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/09/16 9:18 a.m.3 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/09/16 5:56 a.m.2 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/09/16 3:57 a.m.3 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS5.8AI score0.01008EPSS
Exploits0References6
Veracode
Veracode
added 2025/09/08 9:4 a.m.5 views

Directory Traversal

github.com/containers/podman is vulnerable to Directory Traversal.The vulnerability is due to a lack of symlink canonicalization and host-path validation; this allows an attacker who supplies a malicious Kubernetes YAML to cause podman to write the ConfigMap/Secret data contents are defined by th...

8.1CVSS7.1AI score0.01008EPSS
Exploits0References35Affected Software4
Rows per page
Query Builder