286 matches found
CVE-2025-54469
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...
CVE-2025-54469
NeuVector Enforcer is vulnerable to command injection due to unsanitized use of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to compose shell commands via popen. Connected sources (GO-2025-4042, NVD/OSV entries) confirm the issue and potential impact (command injection; buffer over...
CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...
CVE-2025-54469 NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...
NeuVector 操作系统命令注入漏洞
NeuVector is an end-to-end container security platform from US-based NeuVector. The platform includes features such as image vulnerability management, access control, and container process/filesystem protection. NeuVector suffers from an operating system command injection vulnerability that stems...
SUSE CVE-2025-54469
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the enforcer...
GHSA-C8G6-QRWH-M3VP NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Impact A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the...
NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Impact A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTERRPCPORT and CLUSTERLANPORT to generate a command to be executed via popen, without first sanitising their values. The entry process of the enforcer container is the monitor process. When the...
PT-2025-43268
Name of the Vulnerable Software and Affected Versions NeuVector versions prior to 5.4.7 Description A critical issue exists in NeuVector where the enforcer component improperly handles environment variables CLUSTER RPC PORT and CLUSTER LAN PORT. These variables are used to construct shell command...
EUVD-2002-0646
Malware in sbrugna...
EUVD-2012-6595
Malware in sbrugna...
EUVD-2020-0083
Malware in sbrugna...
EUVD-2009-3276
Malware in sbrugna...
EUVD-2015-5623
Malware in sbrugna...
EUVD-2020-0159
Malware in sbrugna...
EUVD-1999-1449
Malware in sbrugna...
EUVD-2013-1691
Malware in sbrugna...
EUVD-2017-5631
Malware in sbrugna...
EUVD-2024-31727
Malicious code in bioql PyPI...
EUVD-2024-0100
Malicious code in bioql PyPI...