Lucene search
K

200 matches found

OSV
OSV
added 2025/04/22 1:50 p.m.10 views

SUSE-SU-2025:20279-1 Security update for podman

This update for podman fixes the following issues: - CVE-2023-45288: Fixed closing connection when receiving too many headers bsc1236507. - CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile bsc1236270. - CVE-2025-22869: Fixed...

8.7CVSS6.9AI score0.91969EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2025/04/21 12:0 a.m.9 views

RHEL 9 : gvisor-tap-vsock (RHSA-2025:3833)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3833 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...

7.5CVSS7.1AI score0.00868EPSS
Exploits0References4
OSV
OSV
added 2025/04/14 10:3 a.m.11 views

RHSA-2025:3833 Red Hat Security Advisory: gvisor-tap-vsock security update

Bulletin has no description...

7.5CVSS7.7AI score0.00868EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2025/04/14 9:21 a.m.19 views

Important: Red Hat Security Advisory: gvisor-tap-vsock security update

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

7.5CVSS6.7AI score0.00868EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2025/04/14 12:0 a.m.20 views

gvisor-tap-vsock security update

6:0.8.5-1 - Fix CVE-2025-22869 by updating to 0.8.5 - Resolves: RHEL-81312...

7.5CVSS7.3AI score0.00868EPSS
Exploits0
OSV
OSV
added 2025/04/14 12:0 a.m.9 views

ALSA-2025:3833 Important: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes:...

7.5CVSS7.7AI score0.00868EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2025/04/14 12:0 a.m.14 views

Important: gvisor-tap-vsock security update

A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for podman-machine virtual machines. Compared to libslirp, gvisor-tap-vsock brings a configurable DNS server and dynamic port forwarding. Security Fixes:...

7.5CVSS7.2AI score0.00868EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/14 12:0 a.m.24 views

Oracle Linux 9 : gvisor-tap-vsock (ELSA-2025-3833)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-3833 advisory. - Fix CVE-2025-22869 by updating to 0.8.5 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Ness...

7.5CVSS7AI score0.00868EPSS
Exploits0References2
CNVD
CNVD
added 2025/03/31 12:0 a.m.12 views

Google gVisor elevation of privilege vulnerability (CNVD-2025-07534)

Google gVisor is a container sandboxing technology developed by Google to provide greater isolation and security for containers. An elevation of privilege vulnerability exists in Google gVisor, which can be exploited by an attacker to access restricted files...

7.8CVSS6.7AI score0.00072EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/30 4:47 p.m.21 views

CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS7.2AI score0.00072EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/29 12:0 a.m.13 views

RHEL 9 : gvisor-tap-vsock (RHSA-2025:3185)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3185 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor and is used to provide networking for...

7.5CVSS7.1AI score0.00868EPSS
Exploits0References4
NVD
NVD
added 2025/03/28 4:15 p.m.24 views

CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS0.00072EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 4:15 p.m.4 views

DEBIAN-CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS5.2AI score0.00072EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 4:15 p.m.26 views

UBUNTU-CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS5.8AI score0.00072EPSS
Exploits0References3
Snyk
Snyk
added 2025/03/28 3:47 p.m.1 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...

7.8CVSS6.9AI score0.00072EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/28 3:47 p.m.2 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...

7.8CVSS6.9AI score0.00072EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/28 3:47 p.m.2 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...

7.8CVSS6.9AI score0.00072EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/28 3:47 p.m.1 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation Upgrade...

7.8CVSS6.9AI score0.00072EPSS
Exploits0References2
OSV
OSV
added 2025/03/28 3:27 p.m.11 views

CVE-2025-2713 Improper File Permission Handling in Google gVisor runsc

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

6.8CVSS5.9AI score0.00072EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/03/28 3:27 p.m.10 views

CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS5.2AI score0.00072EPSS
Exploits0
Rows per page
Query Builder