Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-15292

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00385EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2022/04/21 12:20 p.m.64 views

Amazon's Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug

The "hotpatch" released by Amazon Web Services AWS in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. "Aside from containers, unprivileged processes can also exploit the patch...

8.8CVSS1AI score0.00385EPSS
Exploits4
Veracode
Veracode
added 2022/04/21 11:5 a.m.25 views

Privilege Escalation

github.com/bottlerocket-os/hotdog is vulnerable to privilege escalation. The vulnerability exists in main function in main.go due to an incomplete fix for CVE-2021-3101, because the target JVM processor doesn't limit the resources and filters which allows an attacker to gain access on host and...

8.8CVSS5.5AI score0.00385EPSS
Exploits2References6Affected Software1
OSV
OSV
added 2022/04/19 11:15 p.m.17 views

CVE-2021-3101

Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container...

8.8CVSS8.8AI score
Exploits0References2
NVD
NVD
added 2022/04/19 11:15 p.m.32 views

CVE-2021-3101

Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container...

8.8CVSS0.00385EPSS
Exploits1References2
Prion
Prion
added 2022/04/19 11:15 p.m.19 views

Design/Logic Flaw

Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...

7.2CVSS8.7AI score0.00385EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2022/04/19 10:15 p.m.136 views

CVE-2022-0071

CVE-2022-0071 documents confirm an incomplete fix for CVE-2021-3101 in Hotdog prior to v1.0.2. The vulnerability arises because Hotdog did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. As a result, a container could exhaust host resources, modif...

8.8CVSS8.6AI score0.00385EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/04/19 10:15 p.m.93 views

CVE-2021-3101

CVE-2021-3101 concerns Hotdog (a Bottlerocket OCI hook) before v1.0.1. It did not mimic the capabilities/SELinux label of the target JVM process, enabling a container to gain full privileges on the host and bypass container restrictions. Affected component: Hotdog (prior to 1.0.1); exploitation c...

8.8CVSS8.8AI score0.00385EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/04/19 10:15 p.m.30 views

CVE-2021-3101 Hotdog Container Escape

Hotdog, prior to v1.0.1, did not mimic the capabilities or the SELinux label of the target JVM process. This would allow a container to gain full privileges on the host, bypassing restrictions set on the container...

8.8CVSS9.1AI score0.00385EPSS
Exploits1References2
Rows per page
Query Builder