
73 matches found

OSV
added 2022/02/11 11:27 p.m., 76 views

GHSA-742W-89GC-8M9C containerd v1.2.x can be coerced into leaking credentials during image pull

Impact: If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign layer”), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 o...

CVSS 6.1 | AI score 6.9 | EPSS 0.02209
Exploits: 1 | References: 9

Github Security Blog
added 2022/02/11 11:27 p.m., 208 views

containerd v1.2.x can be coerced into leaking credentials during image pull

Impact: If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign layer”), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 o...

CVSS 6.1 | AI score 0.6 | EPSS 0.02209
Exploits: 1 | References: 9 | Affected Software: 1

Amazon
added 2022/01/20 12:0 a.m., 37 views

Medium: containerd

Issue Overview: A flaw was found in containerd. Credentials may be leaked during an image pull. CVE-2020-15157 Affected Packages: containerd Issue Correction: Run yum update containerd or yum update --advisory ALAS-2021-1555 to update your system. New Packages: src: ...

CVSS 6.1 | AI score 6.1 | EPSS 0.02209
Exploits: 1

Amazon
added 2021/11/18 12:0 a.m., 7 views

Medium: containerd

Issue Overview: A flaw was found in containerd. Credentials may be leaked during an image pull. CVE-2020-15157 Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ secti...

CVSS 6.1 | AI score 6.8 | EPSS 0.02209
Exploits: 1

Amazon
added 2021/11/18 12:0 a.m., 7 views

Medium: containerd

Issue Overview: A flaw was found in containerd. Credentials may be leaked during an image pull. CVE-2020-15157 Affected Packages: containerd Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for t...

CVSS 6.1 | AI score 6.8 | EPSS 0.02209
Exploits: 1

OSV
added 2021/07/19 9:15 p.m., 0 views

DEBIAN-CVE-2021-32760

containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access t...

CVSS 6.3 | AI score 6 | EPSS 0.01608
Exploits: 2 | References: 1

Microsoft CVE
added 2021/07/16 7:0 a.m., 5 views

Docker daemon crash during image pull of malicious image

...

CVSS 6.5 | AI score 7.7 | EPSS 0.03287
Exploits: 0

RedHat Linux
added 2021/02/24 2:45 p.m., 6 views

containerd: credentials leak during image pull

A flaw was found in containerd. Credentials may be leaked during an image pull...

CVSS 6.1 | AI score 7 | EPSS 0.02209
Exploits: 1 | References: 7

OSV
added 2021/02/12 8:15 a.m., 6 views

SUSE-SU-2021:0445-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Update Docker to 19.03.15-ce: - CVE-2021-21284: potential privilege escalation when the root user in the remapped namespace has access to the host filesystem bsc1181732 - CVE-2021-21285:...

CVSS 6.8 | AI score 6.9 | EPSS 0.03287
Exploits: 1 | References: 14

OpenVAS
added 2021/02/08 12:0 a.m., 30 views

Docker < 19.03.15, 20.x < 20.10.3 Multiple Vulnerabilities

Docker is prone to multiple vulnerabilities. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.8 | AI score 6.9 | EPSS 0.03287
Exploits: 0 | References: 2

Cvelist
added 2021/02/02 5:55 p.m., 21 views

CVE-2021-21285 Docker daemon crash during image pull of malicious image

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing...

CVSS 6.5 | AI score 6.9 | EPSS 0.03287
Exploits: 0 | References: 8

RedhatCVE
added 2020/10/21 3:55 p.m., 47 views

CVE-2020-15157

A flaw was found in containerd. Credentials may be leaked during an image pull...

CVSS 6.1 | AI score 6.5 | EPSS 0.02209
Exploits: 1 | References: 6

Cvelist
added 2020/10/16 4:45 p.m., 30 views

CVE-2020-15157 containerd can be coerced into leaking credentials during image pull

In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a “foreign...

CVSS 6.1 | AI score 6.8 | EPSS 0.02209
Exploits: 1 | References: 5

NCSC
added 2020/10/16 12:0 a.m., 3 views

Vulnerability fixed in containerd

A vulnerability has been fixed in containerd, which is used by Docker and Kubernetes, among others. A malicious party could potentially exploit the vulnerability to gain access to login credentials to an internal or external image registry. To do so the malicious party must induce the user to pull...

CVSS 6.1 | AI score 6.8 | EPSS 0.02209
Exploits: 1

RedHat Linux
added 2020/07/27 6:50 p.m., 4 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

CVSS 7.5 | AI score 6.1 | EPSS 0.05071
Exploits: 1 | References: 4

RedHat Linux
added 2020/07/21 9:57 a.m., 6 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

CVSS 7.5 | AI score 6.1 | EPSS 0.05071
Exploits: 1 | References: 4

Tenable Nessus
added 2020/07/14 12:0 a.m., 53 views

RHEL 7 / 8 : OpenShift Container Platform 4.5 (RHSA-2020:2413)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2413 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

CVSS 8.8 | AI score 6.8 | EPSS 0.21052
Exploits: 12 | References: 11

RedHat Linux
added 2020/06/23 2:27 p.m., 2 views

containers/image: Container images read entire image manifest into memory

A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashi...

CVSS 4.3 | AI score 5.8 | EPSS 0.00688
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/12 7:52 p.m., 4 views

proglottis/gpgme: Use-after-free in GPGME bindings during container image pull

A use-after-free vulnerability was found in the Go GPGME wrapper library, github.com/proglottis/gpgme. An attacker could use this flaw to crash or cause potential code execution in Go applications that use this library, under certain conditions, during GPG signature verification...

CVSS 7.5 | AI score 6.1 | EPSS 0.05071
Exploits: 1 | References: 4

RedHat Linux
added 2020/05/12 7:52 p.m., 4 views

containers/image: Container images read entire image manifest into memory

A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashi...

CVSS 4.3 | AI score 5.8 | EPSS 0.00688
Exploits: 0 | References: 4