16 matches found
github.com/containerd/containerd: containerd: Arbitrary code execution via CRI checkpoint image tag poisoning
A flaw was found in containerd, an open-source container runtime. The CRI Container Runtime Interface checkpoint import process fails to validate image references within a checkpoint image's configuration. An attacker with permissions to create pods can exploit this by using a specially crafted...
CVE-2026-50195 containerd: CRI checkpoint import allows local image tag poisoning
containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...
GO-2026-5338 containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd
containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd...
containerd: CRI checkpoint import allows local image tag poisoning
Impact containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd to pull a malicious...
GHSA-CVXM-645Q-P574 containerd: CRI checkpoint import allows local image tag poisoning
Impact containerd's CRI checkpoint import process contains a vulnerability where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods can use a crafted checkpoint image to force containerd to pull a malicious...
CVE-2026-31976
xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...
GHSA-F8Q5-H5QH-33MH xygeni-action v5 tag poisoned with C2 backdoor
Description On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main branch. However, the attacker used the...
EUVD-2026-11331
xygeni-action v5 tag poisoned with C2 backdoor...
CVE-2026-31976
xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...
CVE-2026-31976 xygeni-action v5 tag poisoned with C2 backdoor
xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...
CVE-2026-31976
xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...
CVE-2026-31976
xygeni-action, the GitHub Action for Xygeni Scanner, was abused via tag poisoning: compromised credentials moved the v5 tag to a malicious commit in a PR window (Mar 3–10, 2026). Workflows referencing xygeni-action@v5 could execute a C2 implant on CI runners for up to 180 seconds. The issue stems...
CVE-2026-31976 xygeni-action v5 tag poisoned with C2 backdoor
xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...
CVE-2026-31976 xygeni-action v5 tag poisoned with C2 backdoor
xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...
PT-2026-24808
xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests 46, 47, 48 injecting obfuscated shell code into action.yml. The PRs were blocked by branch protection rules and never merged into the main...
xygeni-action 安全漏洞
Oxyni-action is a GitHub code security scanning workflow plugin developed by Xygeni. Oxyni-action has a security vulnerability that stems from tag poisoning, which can lead to supply chain attacks, allowing attackers to execute arbitrary commands on the CI runner...