340 matches found
EUVD-2021-10321
Malware in sbrugna...
EUVD-2025-5092
Malicious code in bioql PyPI...
EUVD-2025-6529
Malicious code in bioql PyPI...
EUVD-2023-0597
Malicious code in bioql PyPI...
EUVD-2022-1411
Malicious code in bioql PyPI...
EUVD-2025-28020
Malicious code in bioql PyPI...
EUVD-2025-24859
Malicious code in bioql PyPI...
Built-in Runtime Security for Containers
Security teams struggle with visibility into behaviors inside their running containers. Qualys is today announcing general availability of Container Runtime Security CRS to provide industry-leading visibility for running containers using an approach that is container-engine agnostic and layered...
Cri-o: pods are able to break out of resource confinement on cgroupv2
...
CRI-O has Potential High Memory Consumption from File Read
There's a vulnerability in the CRI-O application where when container is launched with securityContext.runAsUser specifying a non-existent user, CRI-O attempts to create the user, reading the container's entire /etc/passwd file into memory. If this file is excessively large, it can cause the a hi...
GHSA-8F93-J3FX-72F3 CRI-O has Potential High Memory Consumption from File Read
There's a vulnerability in the CRI-O application where when container is launched with securityContext.runAsUser specifying a non-existent user, CRI-O attempts to create the user, reading the container's entire /etc/passwd file into memory. If this file is excessively large, it can cause the a hi...
CVE-2025-4437
CVE-2025-4437 affects CRI-O (container runtime); Fedora advisories indicate cri-o1.33 up to version 1.33.5 fixes. The vulnerability arises when container runs with securityContext.runAsUser set to a non-existent user, causing CRI-O to read /etc/passwd into memory and potentially trigger memory ex...
CVE-2025-4437 Cri-o: large /etc/passwd file may lead to denial of service
There's a vulnerability in the CRI-O application where when container is launched with securityContext.runAsUser specifying a non-existent user, CRI-O attempts to create the user, reading the container's entire /etc/passwd file into memory. If this file is excessively large, it can cause the a hi...
PT-2025-34042 · Cri-O · Cri-O
Name of the Vulnerable Software and Affected Versions: CRI-O affected versions not specified Description: CRI-O is susceptible to a denial-of-service issue. When a container is launched with securityContext.runAsUser set to a non-existent user, CRI-O attempts to create the user by reading the...
Linux Distros Unpatched Vulnerability : CVE-2021-21334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through...
CVE-2025-54867
Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...
CVE-2025-54867
Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...
CVE-2025-54867 Youki Symlink Following Vulnerability
Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...
CVE-2025-54867
Youki (Rust-based container runtime) before v0.5.5 is vulnerable: if /proc and /sys in the rootfs are symbolic links, an attacker with local access could potentially gain access to the host root filesystem. Root cause: improper handling of symbolic links in rootfs; impact: high (host filesystem a...
CVE-2025-54867 Youki Symlink Following Vulnerability
Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...