68 matches found
ROS-20251014-08
A vulnerability in the Podman OCI container management and launching software tool is related to an insecure link following a problem in the Podman Kube Play command. Exploitation of the vulnerability could allow An attacker to cause a denial of service...
EUVD-2025-21896
Malicious code in bioql PyPI...
CVE-2025-53945
apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue...
CVE-2025-53945 apko has incorrect permission (0666) in /etc/ld.so.cache and other files
apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue...
CVE-2025-53945 apko has incorrect permission (0666) in /etc/ld.so.cache and other files
apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue...
CVE-2025-53945
CVE-2025-53945 concerns apko, Chainguard’s tool for building/publishing OCI images. Affected versions prior to 0.29.5 inadvertently set critical files to 0666 permissions, notably /etc/ld.so.cache, enabling a local unprivileged user to potentially influence the dynamic loader path by placing a ma...
CVE-2025-53945 apko has incorrect permission (0666) in /etc/ld.so.cache and other files
apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue...
RHEL 9 : buildah (RHSA-2025:9147)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:9147 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...
ALSA-2025:9148 Moderate: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Moderate: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
ALSA-2025:7389 Moderate: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Moderate: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
RLSA-2025:0923 Important: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
CVE-2025-24965 .krun_config.json symlink attack creates or overwrites file on the host in crun
crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current...
Important: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
ROS-20250128-11
A vulnerability in the Podman OCI container management and launching software tool is associated with a breakout of a container using --jobs=2 and a race condition when building a malicious Containerfile. Exploitation of the vulnerability could allow a remote attacker to disrupt the availability ...