Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFileC...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail-Scanner-CVE-2026-31431 CopyFail-Scanner es una herram...

CVE-2026-41326

A flaw was found in Kata Containers. An oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those...

Kata Container has CopyFile Policy Subversion via Symlinks

Summary An oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those running inside CVMs. Details...

GHSA-Q49M-57VM-C8CC Kata Container has CopyFile Policy Subversion via Symlinks

Summary An oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those running inside CVMs. Details...

GHSA-RH99-WC69-C255 Contras Affected by CopyFile Policy Subversion via Symlinks

Impact The Kata agent policies generated by the Contrast CLI had an issue in the CopyFile verification, which allowed arbitrary writes to the guest root filesytem. A malicious process on the host with the capability to connect to the Kata agent VSOCK could connect to the agent and issue a series ...

Contras Affected by CopyFile Policy Subversion via Symlinks

Impact The Kata agent policies generated by the Contrast CLI had an issue in the CopyFile verification, which allowed arbitrary writes to the guest root filesytem. A malicious process on the host with the capability to connect to the Kata agent VSOCK could connect to the agent and issue a series ...

CVE-2026-41326

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...

CVE-2026-41326 Kata Containers: CopyFile Policy Subversion via Symlinks

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...

CVE-2026-41326

Kata Containers CVE-2026-41326 affects versions v3.4.0–v3.28.0 due to an oversight in the CopyFile policy/handler that allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can overwrite binaries inside the guest and exfiltrate data from containers, includin...

EUVD-2026-25611

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...

CVE-2026-41326 Kata Containers: CopyFile Policy Subversion via Symlinks

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...

CVE-2026-41326

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy and perhaps the CopyFile handler allows untrusted hosts to write to arbitrary locations...

PT-2026-35062

Name of the Vulnerable Software and Affected Versions Kata Containers versions 3.4.0 through 3.28.0 Description An oversight in the CopyFile policy and potentially the CopyFile handler allows untrusted hosts to write to arbitrary locations within the guest workload image. This flaw can be exploit...

Kata Containers 安全漏洞

Kata Containers is an open-source, lightweight virtual infrastructure building tool developed by the Kata Containers community. Versions 3.4.0 to 3.28.0 of Kata Containers contain security vulnerabilities. These vulnerabilities stem from improper handling of the CopyFile strategy, which may allow...

CVE-2019-25351

Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...

CVE-2019-25351

CVE-2019-25351 affects Centova Cast 3.2.11. A vulnerability in the server.copyfile API endpoint allows authenticated attackers to retrieve arbitrary system files by supplying crafted parameters, enabling downloads such as /etc/passwd via curl or wget. Impact is high on confidentiality; no remedia...

CVE-2019-25351 Centova Cast 3.2.11 - Arbitrary File Download

Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...

CVE-2019-25351 Centova Cast 3.2.11 - Arbitrary File Download

Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...

PT-2026-20526

Centova Cast 3.2.11 contains a file download vulnerability that allows authenticated attackers to retrieve arbitrary system files through the server.copyfile API endpoint. Attackers can exploit the vulnerability by supplying crafted parameters to download sensitive files like /etc/passwd using cu...