Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2026/03/28 12:25 a.m.10 views

SUSE CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

6.4CVSS5.8AI score0.0018EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/27 5:8 p.m.10 views

Incus does not verify combined fingerprint when downloading images from simplestreams servers

Summary A lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker controlled images rather than the expected one. Details Incus image...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-33542

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/26 11:21 p.m.3 views

CVE-2026-33542

A flaw was found in Incus, a system container and virtual machine manager. A remote attacker could exploit a lack of validation of image fingerprints when downloading from simplestreams image servers. This vulnerability, under specific conditions, could lead to image cache poisoning, allowing an...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References4
NVD
NVD
added 2026/03/26 11:16 p.m.4 views

CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS0.0018EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2026/03/26 10:32 p.m.3 views

CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References1
Rows per page
Query Builder