35 matches found
Medium: cifs-utils
Issue Overview: A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentia...
CVE-2026-33150
CVE-2026-33150 affects libfuse: the io_uring subsystem vulnerability exists from 3.18.0 up to just before 3.18.2. When io_uring thread creation fails due to resource exhaustion (e.g., cgroup pids.max), fuse_uring_start() frees the ring pool but stores a dangling pointer in the session state, caus...
CVE-2026-33150
libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a use-after-free vulnerability in the iouring subsystem of libfuse allows a local attacker to crash FUSE filesystem processes and potentially execute arbitrary code. When iouring thread creati...
GHSA-QH4C-XF7M-GXFC vLLM vulnerable to Server-Side Request Forgery (SSRF) through MediaConnector
Summary A Server-Side Request Forgery SSRF vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The loadfromurl and loadfromurlasync methods obtain and process media from URLs provided by users, using different Python parsing libraries when restrictin...
CVE-2026-24779
CVE-2026-24779 is an SSRF vulnerability in vLLM’s MediaConnector. Before version 0.14.1, load_from_url and load_from_url_async fetch media from user-supplied URLs and validate via Python urllib urlparse, while the request is issued with requests/urllib3, whose parsing follows a different standard...
Automated Vulnerability Validation and Verification: A Large Language Model Approach
Software vulnerabilities remain a critical security challenge, providing entry points for attackers into enterprise networks. Despite advances in security practices, the lack of high-quality datasets capturing diverse exploit behavior limits effective vulnerability assessment and mitigation. This...
How to Eliminate Deployment Bottlenecks Without Sacrificing Application Security
Today, organizations increasingly rely on DevOps to accelerate software delivery, improve operational efficiency, and enhance business performance. According to RedGate, 74% have adopted DevOps, and according to Harvard Business Review Analytics, 77% of organizations currently depend on DevOps to...
MGASA-2025-0176 Updated cifs-utils packages fix security vulnerability
cifs.upcall makes an upcall to the wrong namespace in containerized environments. CVE-2025-2312...
Wazuh 4.10.2
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
Wazuh 4.12.0
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
openSUSE Security Advisory (SUSE-SU-2025:1381-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cifs-utils (SUSE-SU-2025:1381-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1381-1 advisory. - CVE-2025-2312: Fixed cifs.upcall making an upcall to the wrong namespace in containerized environments...
Understanding the threat landscape for Kubernetes and containerized assets
The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. Microsoft Threat Intelligence has observed threat actors taking advantage of unsecured...
Incomplete Patch Leaves NVIDIA and Docker Users at Risk
NVIDIA's incomplete security patch, combined with a Docker vulnerability, creates a serious threat for organizations using containerized environments. This article explains the risks and mitigation strategies...
Azure Linux 3.0 Security Update: cifs-utils (CVE-2025-2312)
The version of cifs-utils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2312 advisory. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from...
CBL Mariner 2.0 Security Update: cifs-utils (CVE-2025-2312)
The version of cifs-utils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2312 advisory. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from...
cifs.upcall makes an upcall to the wrong namespace in containerized environments
...
DEBIAN-CVE-2025-2312
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...
CVE-2025-2312
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...
CVE-2025-2312 cifs.upcall makes an upcall to the wrong namespace in containerized environments
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...