28 matches found
Design/Logic Flaw
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778 Incorrect Authorization in imgcrypt
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778
CVE-2022-24778 affects imgcrypt used with containerd. In versions prior to 1.1.4, a flaw in the CheckAuthorization path could allow running an image from a ManifestList on a host where the local architecture isn’t first in the list, potentially enabling access to encrypted images without proper k...
CVE-2022-24778 Incorrect Authorization in imgcrypt
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
CVE-2022-24778 Incorrect Authorization in imgcrypt
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function CheckAuthorization is supposed to check whether the current used is...
PT-2022-16873 · Imgcrypt +2 · Imgcrypt +2
Name of the Vulnerable Software and Affected Versions: imgcrypt versions prior to 1.1.4 Description: The imgcrypt library provides API extensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted...
containerd 安全漏洞
containerd is a container daemon from the Apache Foundation. The process is responsible for controlling the full cycle of containers on the host according to the RunC OCI specification. A security vulnerability exists in containerd imgcrypt versions prior to 1.1.4, which arises from a failure whe...