Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 3 days ago5 views

CVE-2026-50195

A flaw was found in containerd, an open-source container runtime. The CRI Container Runtime Interface checkpoint import process fails to validate image references within a checkpoint image's configuration. An attacker with permissions to create pods can exploit this by using a specially crafted...

9.9CVSS6.4AI score0.00354EPSS
Exploits0References4
CVE
CVE
added 4 days ago27 views

CVE-2026-50195

Containerd CVE-2026-50195 affects CRI checkpoint import: unvalidated image references in a checkpoint config allow an attacker with pod-creation permissions to trigger pulling a malicious image and assign it a local tag, poisoning the node’s local image cache. Subsequent pods on the same node usi...

9.9CVSS6.1AI score0.00354EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 4 days ago7 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

9.9CVSS6.1AI score0.00354EPSS
Exploits0
Debian CVE
Debian CVE
added 4 days ago6 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

9.9CVSS6.1AI score0.00354EPSS
Exploits0
Snyk
Snyk
added 2026/03/27 5:8 p.m.5 views

Improper Validation of Integrity Check Value

Overview Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value inadequate validation of the combined fingerprint during image downloads from simplestreams servers. An attacker can cause users to deploy malicious images by providing manipulated image file...

7.7CVSS6.1AI score0.0018EPSS
Exploits1References2
NVD
NVD
added 2017/11/13 5:29 p.m.22 views

CVE-2017-14388

Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer...

7.8CVSS7.6AI score0.00733EPSS
Exploits0References1
OSV
OSV
added 2017/11/13 5:29 p.m.21 views

CVE-2017-14388

Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer...

7.8CVSS6.8AI score0.00733EPSS
Exploits0References1
CVE
CVE
added 2017/11/13 5:0 p.m.52 views

CVE-2017-14388

Summary: CVE-2017-14388 affects Cloud Foundry GrootFS 0.3.x prior to 0.30.0, where GrootFS does not validate DiffIDs, allowing a specially crafted image to poison the grootfs volume cache. Affected software: GrootFS (root filesystem component) within Cloud Foundry, specifically releases in the 0....

7.8CVSS7.5AI score0.00733EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder