3 matches found
CVE-2025-57851
The CVE-2025-57851 entry describes a container privilege escalation in Multicluster Engine for Kubernetes images caused by /etc/passwd being created with group-writable permissions during build. In affected containers, a non-root user who is a member of the root group could modify /etc/passwd to ...
SUSE CVE-2025-54288
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the...
CVE-2025-54288 Source Container Identification Vulnerability via cmdline Spoofing in devLXD Server
Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the...