Linux Distros Unpatched Vulnerability : CVE-2024-9407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this...

Amazon Linux 2 : containerd (ALASECS-2023-002)

The version of containerd installed on the remote host is prior to 1.6.19-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-002 advisory. containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can...

EulerOS 2.0 SP5 : docker-engine (EulerOS-SA-2023-2142)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container c...

Fedora 37 : containerd (2023-05b39bc048)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-05b39bc048 advisory. Update containerd to 1.16.19 - Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2 - Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p Tenable has extracted...

CVE-2023-25173

containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be ab...