Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-57231

A flaw was found in Podman, a tool for managing OCI containers and pods. A malicious container image can be crafted with an environment variable that has a key but no value, or an asterisk , to trick Podman. This vulnerability causes Podman to pass host environment variables into the container...

7.5CVSS5.6AI score0.0026EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-57231

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no val...

7.5CVSS5.8AI score0.0026EPSS
Exploits0References3
NVD
NVD
added 2026/04/28 7:36 p.m.7 views

CVE-2026-24222

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

8.6CVSS0.00395EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 5:46 p.m.19 views

EUVD-2026-26079

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

8.6CVSS5.4AI score0.00395EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.6 views

NVIDIA NeMoClaw 安全漏洞

NVIDIA NeMoClaw is a large-scale behavior constraint and security control framework developed by NVIDIA Corporation in the United States. NVIDIA NeMoClaw has a security vulnerability. This vulnerability stems from issues with the sandbox environment initialization components. It may allow remote...

8.6CVSS5.8AI score0.00395EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/15 5:26 p.m.52 views

Security Bulletin: Vulnerability in Apache Solr affect IBM Operations Analytics - Log Analysis (CVE-2023-50290)

Summary Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr Vulnerability Details CVEID:CVE-2023-50290 DESCRIPTION: Apache Solr could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation. By sending ...

6.5CVSS6.4AI score0.68665EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.59 views

RHEL 8 : container-tools:2.0 (RHSA-2021:4221)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4221 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: buildah: Host...

5.5CVSS6.2AI score0.00319EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2021/11/09 5:37 p.m.2 views

buildah: Host environment variables leaked in build container when using chroot isolation

An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds e.g. Dockerfile RUN commands can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment,...

5.5CVSS7AI score0.00319EPSS
Exploits0References5
Rows per page
Query Builder