88 matches found
Astra Linux - уязвимость в docker.io-app
Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is vulnerable to cache poisoning if the image is built FROM scratch. Additionally, changes to certain instructions—especially HEALTHCHECK and ONBUILD—do not trigger cache...
CVE-2026-42575
apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, apko verifies the signature on APKINDEX.tar.gz but never compares individually downloaded .apk packages against the checksum recorded in the signed index. The checksum is parsed and...
CVE-2026-42574
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.2.5, a crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same o...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: docker (UTSA-2026-017338)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017338 advisory. Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is...
RHCOS 4 : OpenShift Container Platform 4.1.41 (RHSA-2020:1449)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1449 advisory. - buildah: Crafted input tar file may lead to local file overwrite during image build process CVE-2020-10696 Note that Nessus has not tested...
RHCOS 3 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1094)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1094 advisory. - 3: Untrusted content loaded via the API proxy can access web console credentials on the same domain CVE-2016-3703 - 3: s2i builds...
EUVD-2026-4954
Inspektor Gadget: Command Injection via malicious buildOptions manipulation...
Inspektor Gadget: Command Injection via malicious buildOptions manipulation
Impacted Resources inspektor-gadget/cmd/common/image/build.go inspektor-gadget/cmd/common/image/helpers/Makefile.build Description The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
GHSA-79QW-G77V-2VFH Inspektor Gadget: Command Injection via malicious buildOptions manipulation
Impacted Resources inspektor-gadget/cmd/common/image/build.go inspektor-gadget/cmd/common/image/helpers/Makefile.build Description The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
Security Bulletin: IBM Instana Observability has addressed Multiple Vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.313 Vulnerability Details CVEID:CVE-2025-5318 DESCRIPTION: A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered ...
operator-poc
operator-poc // TODOuser: Add simple overview of use/purpose...
SUSE CVE-2026-24905
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the buildCmd function. An attacker can execute arbitrary commands by supplying crafted values in the buildOptions structure, which are embedded unsafely in Makefile commands. Note: This is only exploitabl...
CVE-2026-24905
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
CVE-2026-24905
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
CVE-2026-24905
CVE-2026-24905 affects Inspektor Gadget. The vulnerability arises from unsafe embedding of user-controlled data in the Makefile.build template used during ig image build, allowing command injection via buildOptions extracted from the gadget manifest. Before version 0.48.1, an attacker who can inf...
CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
PT-2026-5359
Name of the Vulnerable Software and Affected Versions Inspektor Gadget versions prior to 0.48.1 Description Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary includes a subcommand for image...
MiracleLinux 8 : container-tools:2.0 (AXSA:2020-866:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-866:01 advisory. buildah: Crafted input tar file may lead to local file overwrite during image build process CVE-2020-10696 Bug Fixes: podman 1.6.4 is not honouring...