Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:22 a.m.6 views

CVE-2019-18837

An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chrootrealpath.c...

8.6CVSS6.6AI score0.01429EPSS
Exploits0References1
CVE
CVE
added 2019/11/13 8:1 p.m.56 views

CVE-2019-18837

CVE-2019-18837 affects crun prior to 0.10.5. A crafted image can bypass target-symlink checks, granting access to files outside the container via the codepaths in libcrun/linux.c and libcrun/chroot_realpath.c. The vulnerability has multiple vendor/advisory references (Red Hat, Debian, OSV, CVE li...

8.6CVSS8.2AI score0.01429EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.26 views

Fedora 31 : crun (2019-1ba2a6e386)

built version 0.10.5 fix CVE-2019-18837 ---- built version 0.10.4 ---- built version 0.10.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possib...

8.6CVSS7.8AI score0.01429EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.27 views

Fedora 30 : crun (2019-80a2646798)

built version 0.10.5 fix CVE-2019-18837 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

8.6CVSS7.8AI score0.01429EPSS
Exploits0References2
Rows per page
Query Builder