
85 matches found

RedHat Linux
added 2024/04/25 3:33 p.m. · 3 views

buildah: full container escape at build time

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.9 AI score · 0.0049 EPSS
Exploits 0 · References 7
RedHat Linux
added 2024/04/25 8:11 a.m. · 6 views

buildah: full container escape at build time

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.9 AI score · 0.0049 EPSS
Exploits 0 · References 7
SUSE CVE
added 2024/03/20 3:48 a.m. · 4 views

SUSE CVE-2024-1753

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 7.1 AI score · 0.0049 EPSS
Exploits 0 · References 17
OSV
added 2024/03/18 3:15 p.m. · 8 views

AZL-42509 CVE-2024-1753 affecting package buildah 1.18.0-29

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.9 AI score · 0.0049 EPSS
Exploits 0 · References 1
OSV
added 2024/03/18 3:15 p.m. · 7 views

AZL-42561 CVE-2024-1753 affecting package podman for versions less than 5.6.1-2

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.9 AI score · 0.0049 EPSS
Exploits 0 · References 1
OSV
added 2024/03/18 3:15 p.m. · 2 views

DEBIAN-CVE-2024-1753

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.9 AI score · 0.0049 EPSS
Exploits 0 · References 1
OSV
added 2024/03/18 3:15 p.m. · 7 views

AZL-42546 CVE-2024-1753 affecting package buildah for versions less than 1.41.4-2

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.9 AI score · 0.0049 EPSS
Exploits 0 · References 1
OSV
added 2024/03/18 3:15 p.m. · 8 views

AZL-36899 CVE-2024-1753 affecting package libcontainers-common for versions less than 20240213-2

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.9 AI score · 0.0049 EPSS
Exploits 0 · References 1
OSV
added 2024/03/18 3:15 p.m. · 2 views

UBUNTU-CVE-2024-1753

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

8.6 CVSS · 6.8 AI score · 0.0049 EPSS
Exploits 0 · References 6
SUSE CVE
added 2023/02/15 4:17 a.m. · 4 views

SUSE CVE-2019-5736

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an...

7.5 CVSS · 9.5 AI score · 0.9857 EPSS
Exploits 33 · References 38
BDU FSTEC
added 2022/03/18 12:0 a.m. · 5 views

A vulnerability in the pinns function of the CRI-O container engine's application programming interface allows an attacker to escape the container and gain root access to the host.

The vulnerability in the pinns function of the application programming interface of the CRI-O container engine, a software tool for managing clusters of virtual machines in Kubernetes, is related to the lack of proper checks on kernel parameters. Exploiting this vulnerability could allow an attacker to exi...

9 CVSS · 7.8 AI score · 0.18561 EPSS
Exploits 0 · References 6 · Affected Software 3
OpenVAS
added 2022/01/28 12:0 a.m. · 18 views

Mageia: Security Advisory (MGASA-2019-0068)

The remote host is missing an update for the ...

9.3 CVSS · 8.8 AI score · 0.9857 EPSS
Exploits 33 · References 5
Tenable Nessus
added 2021/04/29 12:0 a.m. · 49 views

Oracle Linux 7 : runc (ELSA-2021-9203)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-9203 advisory. 1.0.0-92.rc92 - Add epoch value of 2 to allow upgrade to 1.0.0-92.rc92 from 1.0.0-93.rc93. 1.0.0-92.rc92 - Build for...

9.3 CVSS · 7.2 AI score · 0.9857 EPSS
Exploits 33 · References 2
Positive Technologies
added 2020/10/21 12:0 a.m. · 7 views

PT-2020-4466 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense (FTD) Software (affected versions not specified). Description: A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the...

8.2 CVSS · 7.2 AI score · 0.00368 EPSS
Exploits 0 · References 3
FreeBSD Advisory
added 2020/09/15 12:0 a.m. · 11 views

FreeBSD-SA-20:28.bhyve_vmcs

FreeBSD-SA-20:28.bhyve_vmcs Security Advisory. The FreeBSD Project. Topic: bhyve privilege escalation via VMCS access. Category: core. Module: bhyve. Announced: 2020-09-15...

8.2 CVSS · 7.3 AI score · 0.00604 EPSS
Exploits 1
CNVD
added 2020/04/08 12:0 a.m. · 2 views

Canonical MicroK8s Elevation of Privilege Vulnerability

Canonical MicroK8s is a lightweight container orchestration system from Canonical UK. A security vulnerability exists in Canonical MicroK8s. A local attacker could exploit this vulnerability to gain access to the host with root privileges...

8.8 CVSS · 6.8 AI score · 0.00502 EPSS
Exploits 1
ThreatPost
added 2020/03/12 2:20 p.m. · 107 views

$100K Paid Out for Google Cloud Shell Root Compromise

Google has awarded its inaugural annual top prize for the Google Cloud Platform (GCP), for vulnerabilities found in the Google Cloud Shell. The find — a container escape that leads to host root access and the ability to use privileged containers — has earned $100,000 for Dutch researcher Wouter ter...

0.5 AI score
Exploits 0 · References 10
ThreatPost
added 2020/03/12 2:20 p.m. · 17 views

$100K Paid Out for Google Cloud Shell Root Compromise

Google has awarded its inaugural annual top prize for the Google Cloud Platform (GCP), for vulnerabilities found in the Google Cloud Shell. The find — a container escape that leads to host root access and the ability to use privileged containers — has earned $100,000 for Dutch researcher Wouter ter...

0.5 AI score
Exploits 0 · References 10
OSV
added 2019/10/02 7:15 p.m. · 3 views

CVE-2019-12675

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to...

8.8 CVSS · 7.4 AI score · 0.00399 EPSS
Exploits 0 · References 1
OSV
added 2019/02/17 12:31 a.m. · 8 views

MGASA-2019-0087 Updated lxc packages fix security vulnerability

LXC allows attackers to overwrite the host LXC binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: a new container with an attacker-controlled image, or an existing container, to which the attacker...

9.3 CVSS · 9 AI score · 0.9857 EPSS
Exploits 33 · References 3