
9 matches found

NVD
added 2 days ago · 5 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

CVSS 9.9 · EPSS 0.00316
Exploits: 0 · References: 1

Debian CVE
added 2 days ago · 6 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

CVSS 9.9 · AI score 6.1 · EPSS 0.00316
Exploits: 0

CVE
added 2 days ago · 22 views

CVE-2026-50195

Containerd CVE-2026-50195 affects CRI checkpoint import: unvalidated image references in a checkpoint config allow an attacker with pod-creation permissions to trigger pulling a malicious image and assign it a local tag, poisoning the node’s local image cache. Subsequent pods on the same node usi...

CVSS 9.9 · AI score 6.1 · EPSS 0.00316
Exploits: 0 · References: 1 · Affected Software: 1

Github Security Blog
added 2026/06/19 7:35 p.m. · 12 views

containerd: CRI checkpoint import allows local image tag poisoning

Impact: containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd to pull a malicious...

CVSS 9.9 · AI score 6.3 · EPSS 0.00316
Exploits: 0 · References: 2 · Affected Software: 1

OSV
added 2026/06/03 9:36 p.m. · 8 views

GHSA-F49J-V924-FX9W Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution

Summary: The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection (SSTI). By including Jinja2 template expressions it is possible to execute Python code and OS commands in the Enterprise Gateway service. The code can...

CVSS 10 · AI score 6.4 · EPSS 0.0086
Exploits: 0 · References: 2

Positive Technologies
added 2024/08/11 12:0 a.m. · 3 views

PT-2024-36825 · Unknown · Fence Agents Remediation Operator

Name of the Vulnerable Software and Affected Versions: Fence Agents Remediation operator, affected versions not specified. Description: A flaw was found in the Fence Agents Remediation operator, allowing a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the...

CVSS 8.8 · AI score 8.1 · EPSS 0.01369
Exploits: 0 · References: 19

RedHat Linux
added 2018/12/03 5:31 p.m. · 86 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.4 security update

An update is now available for Red Hat OpenShift Container Platform release 3.4. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...

CVSS 9.8 · AI score 7.3 · EPSS 0.86978
Exploits: 10 · References: 4

RedHat Linux
added 2018/12/03 5:29 p.m. · 7 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

CVSS 9.8 · AI score 7.4 · EPSS 0.86978
Exploits: 10 · References: 6

RedHat Linux
added 2018/03/12 7:40 p.m. · 3 views

kubernetes: Volume security can be sidestepped with innocent emptyDir and subpath

It was found that volume security can be sidestepped with innocent emptyDir and subpath. This could give an attacker with access to a pod full control over the node host by gaining access to docker socket...

CVSS 9.6 · AI score 7.2 · EPSS 0.11586
Exploits: 2 · References: 5