Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/02/19 5:52 p.m.7 views

CVE-2025-24965

A flaw was found in the crun container runtime. In affected versions, a malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed; only the ability for the current user to write t...

8.7CVSS6AI score0.00533EPSS
Exploits0References6
NVD
NVD
added 2025/02/19 5:15 p.m.13 views

CVE-2025-24965

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS0.00533EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/19 4:46 p.m.7 views

CVE-2025-24965 .krun_config.json symlink attack creates or overwrites file on the host in crun

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS7AI score0.00533EPSS
Exploits0References3
CVE
CVE
added 2025/02/19 4:46 p.m.100 views

CVE-2025-24965

CVE-2025-24965 affects crun, an OCI container runtime written in C. A malicious container image could abuse the krun handler to escape the container root filesystem and create or modify files on the host, requiring no special permissions beyond write access to the target file. Affected versions a...

8.5CVSS8.5AI score0.00533EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/02/19 4:46 p.m.8 views

CVE-2025-24965

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS7.8AI score0.00533EPSS
Exploits0
Cvelist
Cvelist
added 2025/02/19 4:46 p.m.26 views

CVE-2025-24965 .krun_config.json symlink attack creates or overwrites file on the host in crun

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS0.00533EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/02/19 4:46 p.m.16 views

CVE-2025-24965

crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...

8.5CVSS8.6AI score0.00533EPSS
Exploits0
OSV
OSV
added 2025/02/14 3:11 p.m.2 views

BELL-CVE-2025-24965 CVE-2025-24965 does not affect BellSoft software

Bulletin has no description...

8.5CVSS5.8AI score0.00533EPSS
Exploits0References1
Rows per page
Query Builder