Lucene search
K

10 matches found

OSV
OSV
added 2026/03/10 6:28 p.m.11 views

GO-2026-4590 Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user in github.com/rancher/rancher

Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/02/12 10:6 p.m.5 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the handler process. An attacker can trigger unauthorized WASM module execution in the controller context by sending crafted AdmissionReview requests directly to webhook endpoints from an...

8.7CVSS5.9AI score0.0041EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.19 views

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2023-3118)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1,...

7.5CVSS7.5AI score0.27392EPSS
Exploits4References2
Amazon
Amazon
added 2023/11/16 12:0 a.m.3 views

Medium: containerd

Issue Overview: A bug was found in containerd where containers launched through containerd's CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on...

7.5CVSS7AI score0.27392EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2022/05/17 12:0 a.m.62 views

Ubuntu 20.04 LTS : containerd regression (USN-5311-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5311-2 advisory. USN-5311-1 released updates for contained. Unfortunately, a subsequent update reverted the fix for this CVE by mistake. This update corrects the problem. We...

7.5CVSS7.2AI score0.27392EPSS
Exploits4References2
OSV
OSV
added 2022/03/06 10:40 a.m.9 views

MGASA-2022-0088 Updated docker-containerd packages fix security vulnerability

A bug was found in containerd where containers launched through containerd’s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup...

7.5CVSS7.7AI score0.27392EPSS
Exploits4References4
CVE
CVE
added 2022/03/03 12:0 a.m.532 views

CVE-2022-23648

CVE-2022-23648 affects containerd’s CRI implementation on Linux where specially-crafted image configurations could allow reading read-only copies of arbitrary host files and directories, potentially bypassing policy enforcement. The issue was fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users s...

7.5CVSS7.8AI score0.27392EPSS
Exploits4References11Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/02 12:0 a.m.2 views

PT-2022-2056

Name of the Vulnerable Software and Affected Versions containerd versions prior to 1.6.1 containerd versions prior to 1.5.10 containerd versions prior to 1.4.12 Description A bug was found in containerd where containers launched through containerd’s CRI implementation with a specially-crafted ima...

9.3CVSS7.3AI score0.27392EPSS
Exploits7References91
Github Security Blog
Github Security Blog
added 2022/01/06 5:36 p.m.71 views

Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux

Impact Containers launched through containerd’s CRI implementation on Linux systems which use the SELinux security module and containerd versions since v1.5.0 can cause arbitrary files and directories on the host to be relabeled to match the container process label through the use of...

9.1CVSS0.7AI score0.0169EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2017/07/17 1:18 p.m.2 views

DEBIAN-CVE-2017-1000056

Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object...

9.8CVSS7.2AI score0.02436EPSS
Exploits0References1
Rows per page
Query Builder