Amazon EFS CSI Driver has mount option injection via unsanitized volumeHandle and mounttargetip fields

Summary The Amazon EFS CSI Driver is a Container Storage Interface driver that allows Kubernetes clusters to use Amazon Elastic File System. An issue exists where, under certain circumstances, unsanitized values in the volumeHandle and mounttargetip fields are passed directly to the mount command...

EUVD-2022-0981

Malicious code in bioql PyPI...

SUSE CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

runc through 1.0.0-rc8 as used in Docker through 19.03.2-ce and other products allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets and thus a malicious Docker image can mount over a /proc directory.

...

CVE-2018-12559

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The mount target path check in mounter.cpp mpOk is insufficient. A regular user can consequently mount a CIFS filesystem anywhere e.g., outside of the /home directory tree by passing directory traversal sequenc...

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

Code injection

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...

Ubuntu: Security Advisory (USN-2753-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2015-1335

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a 1 mount target or 2 bind mount source...