Lucene search
K

23 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Golang-github-appc-cni

A flaw in path name limitations was identified in containernetworking/cni in versions prior to 0.8.1. When specifying the plugin to be loaded in the ‘type’ field of the network configuration, it is possible to use special elements such as “/” separators to reference binaries located elsewhere on...

7.2CVSS6.5AI score0.01525EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1255

Malicious code in bioql PyPI...

7.2CVSS6AI score0.01525EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.36 views

RHEL 8 : podman (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - podman: Symlink error leads to information disclosure CVE-2022-4122 - A flaw was found in Buildah. The...

7.2CVSS6.3AI score0.01525EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.19 views

RHEL 7 : containernetworking-cni (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - containernetworking-cni: Arbitrary path injection via type field in CNI configuration CVE-2021-20206 Note that Ness...

7.5AI score0.01525EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.31 views

RHEL 8 : containernetworking-cni (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - containernetworking-cni: Arbitrary path injection via type field in CNI configuration CVE-2021-20206 Note that Ness...

7.5AI score0.01525EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/31 5:42 a.m.85 views

Security Bulletin: IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities

Summary IBM Edge Application Manager 4.5 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2021-41190 DESCRIPTION: Open Container Initiative Distribution Specification could allow a remote authenticated attacker to bypass security restrictions,...

8.6CVSS9.4AI score0.27392EPSS
Exploits7Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.39 views

SUSE SLES15 Security Update : podman (SUSE-SU-2023:0326-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0326-1 advisory. podman was updated to version 4.3.1: 4.3.1: Bugfixes - Fixed a deadlock between the podman ps and podman container inspect commands...

7.5CVSS6.5AI score0.02085EPSS
Exploits3References20
Tenable Nessus
Tenable Nessus
added 2022/12/21 12:0 a.m.36 views

SUSE SLES15 / openSUSE 15 Security Update : cni-plugins (SUSE-SU-2022:4593-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4593-1 advisory. - CVE-2021-20206: Fixed arbitrary path injection via type field in CNI configuration bsc1181961. Tenable has extracted the...

7.2CVSS6.8AI score0.01525EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/11/23 12:0 a.m.29 views

SUSE SLES15 Security Update : cni (SUSE-SU-2022:4150-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4150-1 advisory. - CVE-2021-20206: Fixed arbitrary path injection via type field in CNI configuration bsc1181961. Tenable has extracted the preceding...

7.2CVSS6.8AI score0.01525EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.10 views

Fedora: Security Advisory for golang-github-containernetworking-cni (FEDORA-2022-5ef0bd9a27)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/18 12:0 a.m.21 views

Fedora: Security Advisory for golang-github-containernetworking-cni (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2022/07/06 12:0 a.m.15 views

Fedora: Security Advisory for golang-github-containernetworking-cni (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.05994EPSS
Exploits4References2
Fedora
Fedora
added 2022/07/04 1:35 a.m.20 views

[SECURITY] Fedora 36 Update: golang-github-containernetworking-cni-1.1.1-4.fc36

Container Network Interface - networking for Linux containers...

9.3CVSS8.2AI score0.05994EPSS
Exploits4
OpenVAS
OpenVAS
added 2022/06/17 12:0 a.m.30 views

Fedora: Security Advisory for golang-github-containernetworking-cni (FEDORA-2022-725ac93b48)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6AI score0.00377EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/03/10 12:0 a.m.45 views

openSUSE 15 Security Update : buildah (openSUSE-SU-2022:0770-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0770-1 advisory. - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in...

9.3CVSS6.4AI score0.02603EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2022/02/16 11:18 a.m.48 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.43 security update

Red Hat OpenShift Container Platform release 4.7.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...

7.2CVSS6.5AI score0.01525EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/02/15 1:57 a.m.43 views

containernetworking/cni improper limitation of path name

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

7.2CVSS7.1AI score0.01525EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2021/03/26 10:15 p.m.39 views

CVE-2021-20206

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

7.2CVSS6.6AI score0.01525EPSS
Exploits0References3
OSV
OSV
added 2021/03/26 10:15 p.m.4 views

UBUNTU-CVE-2021-20206

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

7.2CVSS6.6AI score0.01525EPSS
Exploits0References4
CVE
CVE
added 2021/03/26 9:34 p.m.476 views

CVE-2021-20206

CVE-2021-20206 involves containernetworking/cni before 0.8.1 where the network configuration field type can include path traversal ("../"), allowing an authenticated attacker to reference and execute binaries outside the plugin directory (e.g., reboot). Impact affects confidentiality, integrity, ...

7.2CVSS6.8AI score0.01525EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder