Improper Validation of Consistency within Input

Overview Affected versions of this package are vulnerable to Improper Validation of Consistency within Input through the internalImportFromBackup process in lxd/apiinternal.go. An attacker can create a backup archive with a benign backup/index.yaml and a malicious backup/container/backup.yaml, th...

LXD: Importing a crafted backup leads to project restriction bypass

Summary LXD instance backup import validates project restrictions against backup/index.yaml embedded in the tar archive, but creates the actual instance from backup/container/backup.yaml extracted to the storage volume. Because these are separate, independently attacker-controlled files within th...

GHSA-Q96J-3FMM-7FV4 LXD: Importing a crafted backup leads to project restriction bypass

Summary LXD instance backup import validates project restrictions against backup/index.yaml embedded in the tar archive, but creates the actual instance from backup/container/backup.yaml extracted to the storage volume. Because these are separate, independently attacker-controlled files within th...

GO-2026-4590 Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user in github.com/rancher/rancher

Rancher's restricted PodSecurityPolicy does not prevent containers from running as a privileged user in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing...

MiracleLinux 8 : container-tools:2.0 (AXSA:2021-1557:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1557:01 advisory. podman: container users permissions are not respected in privileged containers CVE-2021-20188 Tenable has extracted the preceding description block directly...

MiracleLinux 7 : podman-1.6.4-29.el7 (AXSA:2021-1611:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1611:02 advisory. podman: container users permissions are not respected in privileged containers CVE-2021-20188 Tenable has extracted the preceding description block directly...

EUVD-2021-1027

Malware in sbrugna...

EUVD-2024-54979

Malicious code in bioql PyPI...

IBM Security Verify Information Queue 安全漏洞

IBM Security Verify Information Queue is a microservices architecture integration platform that leverages Kafka technology and a publish/subscribe model to integrate data between IBMSecurity products, acting as a cross-product data exchange hub. An elevation of privilege vulnerability exists in I...

Kyverno's PolicyException objects can be created in any namespace by default

Summary A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. Details By design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this allows users with privileges to...

GHSA-QJVC-P88J-J9RM Kyverno's PolicyException objects can be created in any namespace by default

Summary A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. Details By design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this allows users with privileges to...

CVE-2024-48921 Kyverno's PolicyException objects can be created in any namespace by default

Kyverno is a policy engine designed for Kubernetes. A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random namespace. By design, PolicyExceptions are consumed from any namespace. Administrators may not recognize that this...

BuildKit 安全漏洞

BuildKit is concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit. A security vulnerability exists in BuildKit version v0.12.4 and earlier. An attacker could exploit this vulnerability to use the API to run containers with elevated privileges...

Command injection

Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to...

CVE-2023-32080 Wings vulnerable to escape to host from installation container

Wings is the server control plane for Pterodactyl Panel. A vulnerability affecting versions prior to 1.7.5 and versions 1.11.0 prior to 1.11.6 impacts anyone running the affected versions of Wings. This vulnerability can be used to gain access to the host system running Wings if a user is able to...

PT-2023-19941 · Wings · Wings

Name of the Vulnerable Software and Affected Versions: Wings versions prior to v1.11.3 Wings versions prior to v1.7.3 Description: The vulnerability in Wings allows attackers to create new files and directory structures on the host system, potentially enabling them to change resource allocations,...

Capsule Console 安全漏洞

Capsule Console is a web interface for Capsule8 from Capsule USA, Inc. for event management, sensor configuration, and system analysis. A security vulnerability exists in versions of Capsule prior to 0.1.3, which stems from the fact that an attacker can detach namespaces from tenants that are...

PT-2022-24954 · Vela Ui +2 · Vela Ui +3

Name of the Vulnerable Software and Affected Versions: Vela Server versions prior to 0.16.0 Vela Worker versions prior to 0.16.0 Vela UI versions prior to 0.17.0 Description: The issue concerns default configurations in Vela that allow exploitation and container breakouts. Specifically, running...

CVE-2021-38941

IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force ID: 211048...

CVE-2022-20762

A vulnerability in the Common Execution Environment CEE ConfD CLI of Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure SMI software could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to insufficient access control in...