Lucene search
+L

116 matches found

OSV
OSV
added 2022/05/13 1:4 a.m.27 views

GHSA-32W9-2QPC-5F9V Docker image code execution with Apache Mesos

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...

7.8CVSS6.3AI score0.02712EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2019/11/14 9:17 p.m.5 views

mesos: docker image code execution

A flaw was found in Docker image running under root user, where it is possible to overwrite the init helper binary of the container runtime or the command executor in Apache Mesos. A malicious user could use this flaw to gain root-level code execution on the host...

9.3CVSS7.5AI score0.02712EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/06/24 12:0 a.m.26 views

Photon OS 1.0: Mesos PHSA-2019-1.0-0239

An update of the mesos package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0239. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid126188...

9.3CVSS8.2AI score0.02712EPSS
Exploits0References2
Photon
Photon
added 2019/06/17 12:0 a.m.40 views

Important Photon OS Security Update - PHSA-2019-0239

Updates of 'elfutils', 'binutils', 'krb5', 'nss', 'go', 'kubernetes', 'mesos' packages of Photon OS have been released...

6.5CVSS1.7AI score0.13164EPSS
Exploits2
Photon
Photon
added 2019/06/17 12:0 a.m.42 views

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0239

An update of 'krb5', 'elfutils', 'binutils', 'nss', 'mesos' packages of Photon OS has been released...

9.3CVSS0.9AI score0.44398EPSS
Exploits6
Photon
Photon
added 2019/06/05 12:0 a.m.61 views

Critical Photon OS Security Update - PHSA-2019-0161

Updates of 'linux-aws', 'linux', 'kubernetes', 'polkit', 'wget', 'linux-secure', 'elfutils', 'python2', 'mesos', 'glib', 'python3', 'libsoup', 'linux-esx', 'libvirt', 'tar', 'curl', 'libtiff', 'libarchive', 'zookeeper' packages of Photon OS have been released...

9.3CVSS1.6AI score0.05111EPSS
Exploits5
Photon
Photon
added 2019/06/05 12:0 a.m.41 views

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0161

An update of 'libarchive', 'elfutils', 'wget', 'go', 'curl', 'linux-secure', 'python2', 'kubernetes', 'linux-esx', 'linux-aws', 'libtiff', 'mesos', 'glib', 'libsoup', 'libvirt', 'zookeeper', 'tar', 'linux', 'polkit', 'python3' packages of Photon OS has been released...

9.3CVSS0.9AI score0.9857EPSS
Exploits51
RedhatCVE
RedhatCVE
added 2019/03/26 11:49 a.m.20 views

CVE-2019-0204

A flaw was found in Docker image running under root user, where it is possible to overwrite the init helper binary of the container runtime or the command executor in Apache Mesos. A malicious user could use this flaw to gain root-level code execution on the host...

9.3CVSS1.8AI score0.02712EPSS
Exploits0References2
CNVD
CNVD
added 2019/03/26 12:0 a.m.3 views

Apache Mesos Code Execution Vulnerability

Apache Mesos is the United States Apache Apache Software Foundation of a set of support for Hadoop, ElasticSearch and Spark and other application architecture of open source cluster management software. There is a security vulnerability in Apache Mesos. The vulnerability can be exploited by an...

9.3CVSS7.3AI score0.02712EPSS
Exploits0References1
NVD
NVD
added 2019/03/25 10:29 p.m.23 views

CVE-2019-0204

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...

9.3CVSS8.1AI score0.02712EPSS
Exploits0References3
Prion
Prion
added 2019/03/25 10:29 p.m.17 views

Design/Logic Flaw

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...

9.3CVSS8.3AI score0.02712EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2019/03/25 10:29 p.m.16 views

CVE-2019-0204

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...

7.8CVSS7.4AI score
Exploits0References3
CVE
CVE
added 2019/03/25 9:43 p.m.228 views

CVE-2019-0204

CVE-2019-0204 affects Apache Mesos (pre-1.4.x, and 1.4.0–1.4.2, 1.5.0–1.5.2, 1.6.0–1.6.1, 1.7.0–1.7.1). A crafted Docker image run as root can overwrite the container runtime init helper binary and/or the Mesos command executor, enabling root-level code execution on the host. Public records in th...

9.3CVSS7.9AI score0.02712EPSS
In wildExploits0References3Affected Software1
Cvelist
Cvelist
added 2019/03/25 9:43 p.m.25 views

CVE-2019-0204

A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...

8.3AI score0.02712EPSS
Exploits0References3
Photon
Photon
added 2019/03/18 12:0 a.m.31 views

Critical Photon OS Security Update - PHSA-2019-0141

Updates of 'mesos', 'python2' packages of Photon OS have been released...

7.5CVSS1.6AI score0.03674EPSS
Exploits0
Photon
Photon
added 2019/03/18 12:0 a.m.42 views

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0141

An update of 'python2', 'mesos' packages of Photon OS has been released...

5CVSS0.9AI score0.09125EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2019/03/11 11:49 a.m.27 views

CVE-2018-11793

When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.1, 1.6.0 to 1.6.1, and 1.7.0 might overflow the stack due to unbounded recursion. A malicious actor can therefore cause a denial of service of Mesos masters...

7.5CVSS3.6AI score0.0497EPSS
Exploits0References3
CNVD
CNVD
added 2019/03/07 12:0 a.m.7 views

Apache Mesos Denial of Service Vulnerability (CNVD-2019-40567)

Apache Mesos is the United States Apache Apache Software Foundation of a set of support for Hadoop, ElasticSearch and Spark and other application architecture of open source cluster management software. A denial of service vulnerability exists in Apache Mesos, which can be exploited by an attacke...

7.5CVSS6.8AI score0.0497EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2019/03/06 5:36 p.m.23 views

com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework (=0.1.0), com.hubspot.mesos.rx.java:mesos-rxjava-protobuf-client (=0.1.0) +4 more potentially affected by CVE-2018-11793 via org.apache.mesos:mesos (=1.6.1)

org.apache.mesos:mesos MAVEN version =1.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.mesos:mesos and may be impacted: - com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework =0.1.0 -...

7.5CVSS7.1AI score0.0497EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/03/06 5:36 p.m.5 views

au.com.skytix:mesos-scheduler-client (>=1.0.11 <=1.0.15), au.com.skytix:velocity-scheduler (>=1.0.34 <=1.0.40) +44 more potentially affected by CVE-2018-11793 via org.apache.mesos:mesos (>=0.9.0-incubating <=1.4.2)

org.apache.mesos:mesos MAVEN version =0.9.0-incubating, =1.0.11, =1.0.34, =2.1.7, =2.1.7, =2.2.0, =2.2.0, =0.0.3, =2.1.2, =2.1.2, =0.18.0, =0.1.3, =0.1.3, =0.18.0, =0.18.0, =1.5.0 and more Source cves: CVE-2018-11793 Source advisory: OSV:GHSA-P2XQ-VCM7-XJJ6...

7.5CVSS7.2AI score0.0497EPSS
Exploits0
Rows per page
Query Builder