Lucene search
+L

80 matches found

OSV
OSV
added 2022/09/30 12:50 p.m.3 views

SUSE-SU-2022:3480-1 Security update for buildah

This update for buildah fixes the following issues: - Updated to version 1.26.0: - CVE-2022-27651: Fixed an issue where containers were incorrectly started with non-empty inheritable Linux process capabilities bsc1197870. - CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to...

9.3CVSS8.1AI score0.02603EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.39 views

Amazon Linux 2022 : containerd, containerd-stress, docker (ALAS2022-2022-054)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-054 advisory. A flaw was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with...

5.9CVSS6.8AI score0.00492EPSS
Exploits0References3
NVD
NVD
added 2022/08/12 3:15 p.m.21 views

CVE-2022-20262

In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android...

3.3CVSS0.00089EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20262

In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android...

3.3CVSS5.9AI score0.00089EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/06 12:0 a.m.44 views

SUSE SLES15 / openSUSE 15 Security Update : buildah (SUSE-SU-2022:2680-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2680-1 advisory. - CVE-2022-27651: Fixed incorrect default inheritable capabilities for linux container bsc1197870. Update to version 1.25.1...

6.8CVSS6.8AI score0.01215EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/07/29 12:0 a.m.43 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2129)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine...

5.9CVSS7.1AI score0.00492EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/29 12:0 a.m.52 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2154)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine...

5.9CVSS7.1AI score0.00492EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.45 views

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2022-1963)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine...

5.9CVSS7.1AI score0.00492EPSS
Exploits0References2
OSV
OSV
added 2022/07/01 8:8 p.m.32 views

GO-2022-0417 Incorrect default permissions in github.com/containers/buildah

Containers are created with non-empty inheritable Linux process capabilities, permitting programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve2. This bug does not affect the container security sandbox, as the inheritable set never contains mo...

6.8CVSS7.1AI score0.01215EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/06/24 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2022:2165-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.0039EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/06/10 12:0 a.m.61 views

Amazon Linux 2 : containerd, docker (ALASNITRO-ENCLAVES-2022-019)

The version of containerd installed on the remote host is prior to 1.4.13-2. The version of docker installed on the remote host is prior to 20.10.13-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO- ENCLAVES-2022-019 advisory. A flaw was found in Moby Docker Engine...

5.9CVSS6.9AI score0.00492EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/06/07 2:29 a.m.71 views

CVE-2022-29162

A flaw was found in runc, where runc exec --cap executed processes with non-empty inheritable Linux process capabilities. This issue creates an atypical Linux environment and enables programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve2...

7.8CVSS6.3AI score0.0039EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/24 5:36 p.m.46 views

Default inheritable capabilities for linux container should be empty

Impact A bug was found in runc where runc exec --cap executed processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve2. This bu...

7.8CVSS7.6AI score0.0039EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/05/21 8:50 a.m.6 views

MGASA-2022-0192 Updated opencontainers-runc packages fix security vulnerability

A bug was found in runc where runc exec --cap executed processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve2. This bug did n...

7.8CVSS7.8AI score0.0039EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.45 views

Oracle Linux 8 : container-tools:3.0 (ELSA-2022-1793)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1793 advisory. - fix CVE-2022-27650 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

7.5CVSS8.1AI score0.01133EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/05/17 9:15 p.m.45 views

CVE-2022-29162

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling...

7.8CVSS6.7AI score0.0039EPSS
Exploits0References4
Prion
Prion
added 2022/05/17 9:15 p.m.26 views

Design/Logic Flaw

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling...

4.6CVSS7.6AI score0.0039EPSS
Exploits0References7Affected Software2
Vulnrichment
Vulnrichment
added 2022/05/17 12:0 a.m.7 views

CVE-2022-29162 Incorrect Default Permissions in runc

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling...

5.9CVSS7.8AI score0.0039EPSS
Exploits0References7
CVE
CVE
added 2022/05/17 12:0 a.m.462 views

CVE-2022-29162

CVE-2022-29162 affects runc prior to version 1.1.2, where runc exec --cap could create processes with inheritable Linux capabilities, enabling elevation of capabilities to the permitted set during execve. The issue does not affect the container sandbox since the inheritable set is bounded by the ...

7.8CVSS6.8AI score0.0039EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/05/17 12:0 a.m.35 views

CVE-2022-29162 Incorrect Default Permissions in runc

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where runc exec --cap created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling...

5.9CVSS6.8AI score0.0039EPSS
Exploits0References9
Rows per page
Query Builder