Lucene search
K

5 matches found

OSV
OSV
added 2026/06/18 5:19 p.m.3 views

GHSA-FJV8-J4P5-CR9M Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox — cross-tenant data access and host escape

Summary A sandbox volume reference volumeId, which may also be a volume name was forwarded to the runner and used to build the host bind-mount source path without confinement. A reference containing path-traversal sequences could in principle resolve the mount source outside the intended per-volu...

4.2CVSS5.4AI score0.00171EPSS
Exploits0References2
OSV
OSV
added 2026/05/14 4:23 p.m.21 views

GHSA-7FW3-X4R2-G7WC Portainer has a bind-mount restriction bypass via HostConfig.Mounts

Summary Portainer offers an environment-level Disable bind mounts for non-administrators security setting that blocks regular users from binding host paths into containers they create through the Portainer-mediated Docker API. The check that enforces this setting only inspected the legacy...

8.5CVSS5.8AI score0.00206EPSS
Exploits1References6
NVD
NVD
added 2026/05/13 6:16 p.m.41 views

CVE-2026-44002

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's CallSite wrapper class intended as a safe wrapper for V8's native CallSite blocks getThis and getFunction to prevent host object leakage, but allows getFileName to return unsanitized host absolute paths. Any sandboxed code can...

5.8CVSS0.00241EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

vm2 安全漏洞

vm2 is a high-level virtual machine/sandbox developed by Czech developer Patrik Simek. It runs untrusted code using built-in Node.js modules listed in the allowlist. Versions of vm2 prior to 3.11.0 have security vulnerabilities; these vulnerabilities stem from the CallSite wrapper class allowing...

5.8CVSS5.9AI score0.00241EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2016/08/03 12:0 a.m.5 views

PT-2020-10295 · Open Container Initiative +7 · Runc +7

Name of the Vulnerable Software and Affected Versions: runc versions through 1.0.0-rc9 runc version 1.0.0-rc10 is not affected, as it contains the fix for this issue. Description: The issue is related to incorrect access control, leading to escalation of privileges. An attacker must be able to...

9.8CVSS6.6AI score0.9857EPSS
Exploits55References276
Rows per page
Query Builder