340 matches found
CVE-2025-64329
containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...
CVE-2025-52565
runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container, an attacker can...
CVE-2024-25621
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
runc security vulnerability
runc is an open source CLI (command-line interface) tool from the Open Container Initiative for generating and running containers according to the OCI specification. A security vulnerability exists in runc versions 1.2.7, 1.3.2, and 1.4.0-rc.2, which stems from an attacker's ability to misdirect a write...
CVE-2025-62596 youki container escape and denial of service due to arbitrary write gadgets and procfs write redirects
Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path...
EUVD-2025-37938
Youki is a container runtime written in Rust. In versions 0.5.6 and below, youki’s apparmor handling performs insufficiently strict write-target validation, and when combined with path substitution during pathname resolution, can allow writes to unintended procfs locations. While resolving a path...
PT-2025-45166
Name of the Vulnerable Software and Affected Versions: Youki versions 0.5.6 and below. Description: Youki is a container runtime written in Rust. Insufficient initial validation of the /dev/null source allows for container escape when bind mounting the container's /dev/null as a file mask. This occu...
[SECURITY] Fedora 43 Update: runc-1.3.2-1.fc43
The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...
[SECURITY] Fedora 43 Update: cri-o1.34-1.34.1-1.fc43
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...
[SECURITY] Fedora 42 Update: runc-1.3.2-1.fc42
The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...
[SECURITY] Fedora 41 Update: cri-o1.33-1.33.5-1.fc41
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...
[SECURITY] Fedora 41 Update: cri-o1.31-1.31.13-1.fc41
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...
[SECURITY] Fedora 42 Update: cri-o1.32-1.32.9-1.fc42
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...
[SECURITY] Fedora 42 Update: cri-o1.34-1.34.1-1.fc42
Open Container Initiative-based implementation of Kubernetes Container Runtime Interface...
Fedora 42 : cri-o1.31 (2025-51d26ffda5)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-51d26ffda5 advisory. - Update to release v1.31.13 - Resolves: rhbz2333357, rhbz2398406, rhbz2398661, rhbz2399063, rhbz2399337 - Upstream fix. Tenable has extracted the...
Fedora 42 : cri-o1.32 (2025-37970906a8)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-37970906a8 advisory. - Update to release 1.32.9 - Resolves: rhbz2333357, rhbz2398407, rhbz2398662, rhbz2399064, rhbz2399338 - Upstream fix. Tenable has extracted the...
EUVD-2019-13411
Malware in sbrugna...
EUVD-2018-11857
Malware in sbrugna...
EUVD-2019-13410
Malware in sbrugna...