Lucene search
K

6 matches found

CVE
CVE
added 2025/11/10 9:56 p.m.29 views

CVE-2025-64507

CVE-2025-64507 affects Incus/LXD: in versions prior to 6.0.6 and 6.19.0 an unprivileged user who can access a container and a host with a custom storage volume that has security.shifted=true may create a setuid binary inside the container and execute it on the host to gain root. The issue require...

8.6CVSS6.6AI score0.00148EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/10/12 11:9 a.m.5 views

OESA-2024-2253 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files...

3.6CVSS6.8AI score0.00317EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2023/03/11 8:0 a.m.2 views

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges related to libcontainer/rootfs_linux.go. To exploit this an attacker must be able to spawn two containers with custom volume-mount configurations and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.

...

7CVSS6.6AI score0.00457EPSS
Exploits1
OSV
OSV
added 2023/03/03 7:15 p.m.1 views

DEBIAN-CVE-2023-27561

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because...

7CVSS6.2AI score0.00448EPSS
Exploits1References1
OSV
OSV
added 2023/03/03 7:15 p.m.3 views

UBUNTU-CVE-2023-27561

runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because...

7CVSS6.8AI score0.00448EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/02/20 12:0 a.m.3 views

PT-2023-3588 · Runc +8 · Runc +8

Name of the Vulnerable Software and Affected Versions: runc versions 1.0.0-rc95 through 1.1.4 Description: The issue is related to the libcontainer/rootfs linux.go component of the runc tool, which is used for running isolated containers. It allows an attacker to exploit incorrect access control,...

9.8CVSS6.3AI score0.06604EPSS
Exploits5References185
Rows per page
Query Builder