11 matches found
Fedora: Security Advisory (FEDORA-2025-bacdac27c8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 43 : containerd (2025-bacdac27c8)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-bacdac27c8 advisory. Automatic update for containerd-2.1.1-1.fc43. Changelog Tue May 20 2025 Bradley G Smith - 2.1.1-1 - Update package to release v2.1.1 - Resolves:...
CVE-2025-47290 vulnerabilities
Vulnerabilities for packages: docker-compose, neuvector-scanner...
CVE-2025-47290 vulnerabilities
Vulnerabilities for packages: docker-compose, neuvector, neuvector-fips, neuvector-scanner, docker-compose-fips...
kind-0.29.0-1.1 on GA media (moderate)
kind-0.29.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15146-1 Rating: moderate Cross-References: CVE-2025-47290 CVSS scores: CVE-2025-47290 SUSE : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2025-47290 SUSE : 7.6...
CVE-2025-47290
containerd is a container runtime. A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. The only affected version of containerd is 2.1.0...
CVE-2025-47290
creationtimestamp| type| source ---|---|--- 2025-05-20 18:40:13+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114541619532659321 2025-05-21 01:55:42+00:00| seen| https://bsky.app/profile/bentheelder.bsky.social/post/3lpniot27bs2r 2025-05-22 02:18:16+00:00| seen|...
CVE-2025-47290 Containerd vulnerable to host filesystem access during image unpack
containerd is a container runtime. A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. The only affected version of containerd is 2.1.0...
CVE-2025-47290
CVE-2025-47290 affects containerd v2.1.0, where a TOCTOU flaw during image unpack could allow an attacker to arbitrarily modify the host filesystem. The issue is limited to 2.1.0; 2.1.1 fixes it. Affected guidance: upgrade to containerd 2.1.1+; as a workaround, use only trusted images and restric...
CVE-2025-47290
containerd is a container runtime. A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. The only affected version of containerd is 2.1.0...
CVE-2025-47290 Containerd vulnerable to host filesystem access during image unpack
containerd is a container runtime. A time-of-check to time-of-use TOCTOU vulnerability was found in containerd v2.1.0. While unpacking an image during an image pull, specially crafted container images could arbitrarily modify the host file system. The only affected version of containerd is 2.1.0...