14 matches found
PT-2026-31313
Name of the Vulnerable Software and Affected Versions: Red Hat Process Automation Manager (affected versions not specified). Description: A container privilege escalation flaw exists due to group-writable permissions on the /etc/passwd file during image build time. An attacker executing commands withi...
CVE-2025-8766 Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container
A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...
EUVD-2020-12563
Malware in sbrugna...
EUVD-2020-12559
Malware in sbrugna...
SUSE CVE-2020-1705
A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/template-service-broker-operator. An attacker with access to the container could use this...
CVE-2019-19354
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges...
Design/Logic Flaw
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating...
CVE-2019-19346
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following: 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their...
Unspecified Vulnerability in Red Hat OpenShift Container Platform openshift/mediawiki
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat that enable organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in version 4.x.x of...
CVE-2020-1707
A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb. An attacker with access to the container could use this flaw to modify /etc/passwd and...
PT-2020-10147 · Red Hat · Openshift/Ocp-Release-Operator-Sdk +2
Name of the Vulnerable Software and Affected Versions: openshift/ocp-release-operator-sdk (affected versions not specified); openshift/ansible-operator-container as shipped in Openshift 4 (affected versions not specified). Description: An insecure modification vulnerability in the /etc/passwd file was...
CVE-2019-19351
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges...
Exploit for Race Condition in Canonical Ubuntu_Linux
This is a PoC exploit for CVE-2016-5195, a vulnerability in the Linux kernel that allows for a local privilege escalation. The exploit is implemented in C++ and has been ported to Go and a legacy version without C++11 features. The exploit modifies the /etc/passwd file, forcing the password...
CVE-2015-3246
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined wi...