Exploit for CVE-2026-27771

CVE-2026-27771 — Gitea Container Registry Auth Bypass CVSS:...

EUVD-2021-2367

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-41190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification versi...

Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsing

Impact In the OCI Distribution Specification version 1.0.0 and prior and in the OCI Image Specification version 1.0.1 and prior, manifest and index documents are ambiguous without an accompanying Content-Type HTTP header. Versions of Moby Docker Engine prior to 20.10.11 treat the Content-Type...

RHEL 8 : cri-o (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull CVE-2020-8945 - The OCI...

Medium: containerd

Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...

Amazon Linux 2 : containerd (ALASECS-2023-026)

The version of containerd installed on the remote host is prior to 1.4.6-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2023-026 advisory. The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OC...

The vulnerability of the application for simplifying and standardizing the distribution of content within Open Container Initiative Distribution Specification (OCI Distribution Specification) lies in a type mixing error. This allows attackers to compromise the integrity of the protected information.

The vulnerability of the application for simplifying and standardizing the distribution of content within Open Container Initiative Distribution Specification OCI Distribution Specification is related to an error in mixing types during the processing of the Content-Type header, which contains...

Rocky Linux 8 : container-tools:rhel8 (RLSA-2022:7457)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7457 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 whe...

SUSE SLES15 Security Update : podman (SUSE-SU-2023:0326-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0326-1 advisory. - Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remote hosts. This...

SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2023:0187-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0187-1 advisory. - Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 including from remot...

AlmaLinux 8 : container-tools:rhel8 (ALSA-2022:7457)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7457 advisory. golang: net/http/httputil: panic due to racy read of persistConn after handler panic CVE-2021-36221 cri-o: memory exhaustion on the node when access to th...

EulerOS 2.0 SP5 : docker-engine (EulerOS-SA-2022-2706)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distributi...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2253)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2240)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2022-2218)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...

SUSE SLES12 Security Update : containerd, docker (SUSE-SU-2022:1507-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1507-1 advisory. - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI...

SUSE SLES15 Security Update : containerd, docker (SUSE-SU-2022:0334-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0334-1 advisory. - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempting ...

openSUSE 15 Security Update : singularity (openSUSE-SU-2021:1525-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1525-1 advisory. - The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution...

MGASA-2021-0531 Updated docker-containerd packages fix security vulnerability

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents...