116 matches found
GHSA-32W9-2QPC-5F9V Docker image code execution with Apache Mesos
A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...
mesos: docker image code execution
A flaw was found in Docker image running under root user, where it is possible to overwrite the init helper binary of the container runtime or the command executor in Apache Mesos. A malicious user could use this flaw to gain root-level code execution on the host...
Photon OS 1.0: Mesos PHSA-2019-1.0-0239
An update of the mesos package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0239. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid126188...
Important Photon OS Security Update - PHSA-2019-0239
Updates of 'elfutils', 'binutils', 'krb5', 'nss', 'go', 'kubernetes', 'mesos' packages of Photon OS have been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0239
An update of 'krb5', 'elfutils', 'binutils', 'nss', 'mesos' packages of Photon OS has been released...
Critical Photon OS Security Update - PHSA-2019-0161
Updates of 'linux-aws', 'linux', 'kubernetes', 'polkit', 'wget', 'linux-secure', 'elfutils', 'python2', 'mesos', 'glib', 'python3', 'libsoup', 'linux-esx', 'libvirt', 'tar', 'curl', 'libtiff', 'libarchive', 'zookeeper' packages of Photon OS have been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0161
An update of 'libarchive', 'elfutils', 'wget', 'go', 'curl', 'linux-secure', 'python2', 'kubernetes', 'linux-esx', 'linux-aws', 'libtiff', 'mesos', 'glib', 'libsoup', 'libvirt', 'zookeeper', 'tar', 'linux', 'polkit', 'python3' packages of Photon OS has been released...
CVE-2019-0204
A flaw was found in Docker image running under root user, where it is possible to overwrite the init helper binary of the container runtime or the command executor in Apache Mesos. A malicious user could use this flaw to gain root-level code execution on the host...
Apache Mesos Code Execution Vulnerability
Apache Mesos is the United States Apache Apache Software Foundation of a set of support for Hadoop, ElasticSearch and Spark and other application architecture of open source cluster management software. There is a security vulnerability in Apache Mesos. The vulnerability can be exploited by an...
CVE-2019-0204
A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...
Design/Logic Flaw
A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...
CVE-2019-0204
A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...
CVE-2019-0204
CVE-2019-0204 affects Apache Mesos (pre-1.4.x, and 1.4.0–1.4.2, 1.5.0–1.5.2, 1.6.0–1.6.1, 1.7.0–1.7.1). A crafted Docker image run as root can overwrite the container runtime init helper binary and/or the Mesos command executor, enabling root-level code execution on the host. Public records in th...
CVE-2019-0204
A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain...
Critical Photon OS Security Update - PHSA-2019-0141
Updates of 'mesos', 'python2' packages of Photon OS have been released...
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0141
An update of 'python2', 'mesos' packages of Photon OS has been released...
CVE-2018-11793
When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.1, 1.6.0 to 1.6.1, and 1.7.0 might overflow the stack due to unbounded recursion. A malicious actor can therefore cause a denial of service of Mesos masters...
Apache Mesos Denial of Service Vulnerability (CNVD-2019-40567)
Apache Mesos is the United States Apache Apache Software Foundation of a set of support for Hadoop, ElasticSearch and Spark and other application architecture of open source cluster management software. A denial of service vulnerability exists in Apache Mesos, which can be exploited by an attacke...
com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework (=0.1.0), com.hubspot.mesos.rx.java:mesos-rxjava-protobuf-client (=0.1.0) +4 more potentially affected by CVE-2018-11793 via org.apache.mesos:mesos (=1.6.1)
org.apache.mesos:mesos MAVEN version =1.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.mesos:mesos and may be impacted: - com.hubspot.mesos.rx.java.example:mesos-rxjava-example-framework =0.1.0 -...
au.com.skytix:mesos-scheduler-client (>=1.0.11 <=1.0.15), au.com.skytix:velocity-scheduler (>=1.0.34 <=1.0.40) +44 more potentially affected by CVE-2018-11793 via org.apache.mesos:mesos (>=0.9.0-incubating <=1.4.2)
org.apache.mesos:mesos MAVEN version =0.9.0-incubating, =1.0.11, =1.0.34, =2.1.7, =2.1.7, =2.2.0, =2.2.0, =0.0.3, =2.1.2, =2.1.2, =0.18.0, =0.1.3, =0.1.3, =0.18.0, =0.18.0, =1.5.0 and more Source cves: CVE-2018-11793 Source advisory: OSV:GHSA-P2XQ-VCM7-XJJ6...