Lucene search
K

6 matches found

EUVD
EUVD
added 2026/03/27 5:8 p.m.4 views

EUVD-2026-16460

Incus does not verify combined fingerprint when downloading images from simplestreams servers...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References7
OSV
OSV
added 2026/03/26 11:16 p.m.2 views

DEBIAN-CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

4.8CVSS5.2AI score0.0018EPSS
Exploits1References1
OSV
OSV
added 2026/03/26 10:32 p.m.5 views

CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.9AI score0.0018EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 10:32 p.m.3 views

CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/03/26 10:32 p.m.23 views

CVE-2026-33542

CVE-2026-33542 affects Incus, a system container and VM manager. Prior to version 6.23.0, there is a lack of validation of the image fingerprint when downloading from simplestreams image servers, which can lead to image cache poisoning and, under very narrow circumstances, exposure of other tenan...

7.1CVSS5.8AI score0.0018EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2026/03/26 10:32 p.m.3 views

CVE-2026-33542

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker...

7.1CVSS5.2AI score0.0018EPSS
Exploits1
Rows per page
Query Builder