6 matches found
CVE-2026-46703
Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite allows users to specify the OCI image used by containers in the sandbox. However, when processing tar entries in...
EUVD-2026-36165
Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. Prior to version 0.9.0, Boxlite allows users to specify the OCI image used by containers in the sandbox. However, when processing tar entries in...
BoxLite 路径遍历漏洞
BoxLite is an open-source embedded microvirtual machine runtime developed by BoxLite. It provides hardware-isolated secure sandboxes for AI agents and code execution scenarios. Versions of BoxLite prior to 0.9.0 contained a path traversal vulnerability. This vulnerability stemmed from the lack of...
EUVD-2026-4945
malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Starting in version 0.10.0 and prior to version 1.20.3, malcontent could be made to expose Docker registry credentials if it scanned a specially crafted OCI image reference. malcontent uses...
ALSA-2026:0436 Important: buildah security update
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...
Aleksa Sarai umoci modifies Open Container images 输入验证错误漏洞
Aleksa Sarai umoci modifies Open Container images is an open source application from Aleksa Sarai, a reference implementation of the OCI image specification that provides users with the ability to create, manipulate, and interact with container images. A security vulnerability exists in Open...