Lucene search
WolfiWOLFI:CVE-2024-21626HistoryMay 08, 2024 - 3:29 p.m.
CVE-2024-21626 vulnerabilities
2024-05-0815:29:17
packages.wolfi.dev
211
cve-2024-21626
vulnerabilities
packages
unix
security
zot
telegraf-1.28
cadvisor
skaffold
buildkitd
kaniko
trivy
kubescape
syft
nerdctl
skopeo
ctop
zarf
wolfictl
nvidia-device-plugin
k3s
grype
kots
datadog-agent
docker
newrelic-infrastructure-agent
kubernetes-1.29
k9s
ingress-nginx-controller
k3d
runc
8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.051 Low
EPSS
Percentile
92.9%
Vulnerabilities for packages: kubescape, kots, k3d, ctop, ingress-nginx-controller, kaniko, nvidia-device-plugin, cadvisor, nerdctl, grype, datadog-agent, k3s, zarf, k9s, telegraf, trivy, kubernetes, zot, skopeo, wolfictl, newrelic-infrastructure-agent, skaffold, docker, buildkitd, runc, syft
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Wolfi | unknown | x86_64 | buildkitd | <= 0.12.5-r1 | buildkitd-0.12.5-r1.apk |
| Wolfi | unknown | aarch64 | buildkitd | <= 0.12.5-r1 | buildkitd-0.12.5-r1.apk |
| Wolfi | unknown | x86_64 | cadvisor | <= 0.48.1-r4 | cadvisor-0.48.1-r4.apk |
| Wolfi | unknown | aarch64 | cadvisor | <= 0.48.1-r4 | cadvisor-0.48.1-r4.apk |
| Wolfi | unknown | x86_64 | ctop | <= 0.7.7-r13 | ctop-0.7.7-r13.apk |
| Wolfi | unknown | aarch64 | ctop | <= 0.7.7-r13 | ctop-0.7.7-r13.apk |
| Wolfi | unknown | x86_64 | datadog-agent | <= 7.50.3-r1 | datadog-agent-7.50.3-r1.apk |
| Wolfi | unknown | aarch64 | datadog-agent | <= 7.50.3-r1 | datadog-agent-7.50.3-r1.apk |
| Wolfi | unknown | x86_64 | docker | <= 25.0.2-r0 | docker-25.0.2-r0.apk |
| Wolfi | unknown | aarch64 | docker | <= 25.0.2-r0 | docker-25.0.2-r0.apk |
Related
nessus
nessus
SUSE SLES12 Security Update : runc (SUSE-SU-2024:0328-1)
2024-02-06 00:00:00
Fedora 39 : runc (2024-900dc7f6ff)
2024-02-06 00:00:00
SUSE SLES12 Security Update : runc (SUSE-SU-2024:0294-1)
2024-02-02 00:00:00
redos
redos
ROS-20240410-18
2024-04-10 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in Open Container Initiative runc [CVE-2024-21626]
2024-03-28 22:00:56
kaspersky
kaspersky
KLA64657 PE vulnerability in Microsoft Azure
2024-02-28 00:00:00
KLA64658 PE vulnerability in Microsoft Mariner
2024-02-28 00:00:00
packetstorm
packetstorm
runc 1.1.11 File Descriptor Leak Privilege Escalation
2024-02-05 00:00:00
amazon
amazon
Important: runc
2024-01-25 19:21:00
openvas
openvas
Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1504)
2024-04-08 00:00:00
Fedora: Security Advisory for runc (FEDORA-2024-9044c9eefa)
2024-02-12 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0295-1)
2024-02-02 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: runc-1.1.12-1.fc38
2024-02-11 05:39:52
[SECURITY] Fedora 39 Update: runc-1.1.12-1.fc39
2024-02-06 01:18:51
cbl_mariner
cbl_mariner
CVE-2024-21626 affecting package cri-tools for versions less than 1.28.0-5
2024-02-25 03:00:06
CVE-2024-21626 affecting package kubevirt for versions less than 1.2.0-1
2024-04-17 22:02:46
CVE-2024-21626 affecting package kubernetes for versions less than 1.28.4-3
2024-02-25 03:00:06
githubexploit
githubexploit
Exploit for CVE-2024-21626
2024-02-07 07:38:22
Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc
2024-02-02 02:51:29
Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc
2024-02-02 11:51:08
redhat
redhat
(RHSA-2024:0752) Important: container-tools:rhel8 security update
2024-02-08 17:22:59
(RHSA-2024:0758) Important: container-tools:2.0 security update
2024-02-08 17:23:59
(RHSA-2024:0755) Important: runc security update
2024-02-08 17:23:34
cve
cve
CVE-2024-21626
2024-01-31 22:15:53
redhatcve
redhatcve
CVE-2024-21626
2024-01-31 21:41:31
oraclelinux
oraclelinux
container-tools:ol8 security update
2024-02-14 00:00:00
runc security update
2024-02-09 00:00:00
runc security update
2024-02-09 00:00:00
osv
osv
runc - security update
2024-02-04 00:00:00
Important: runc security update
2024-02-02 00:00:00
Talos Linux ships runc vulnerable to the escape to the host attack
2024-02-02 18:11:06
alpinelinux
alpinelinux
CVE-2024-21626
2024-01-31 22:15:53
almalinux
almalinux
Important: container-tools:rhel8 security update
2024-02-08 00:00:00
Important: runc security update
2024-02-02 00:00:00
Important: container-tools:4.0 security update
2024-02-08 00:00:00
github
github
Talos Linux ships runc vulnerable to the escape to the host attack
2024-02-02 18:11:06
ubuntucve
ubuntucve
CVE-2024-21626
2024-01-31 00:00:00
metasploit
metasploit
runc (docker) File Descriptor Leak Privilege Escalation
2024-02-01 20:28:04
mscve
mscve
veracode
veracode
Sandbox Escape
2024-02-01 12:28:33
debian
debian
[SECURITY] [DSA 5615-1] runc security update
2024-02-04 18:54:11
[SECURITY] [DLA 3735-1] runc security update
2024-02-19 02:28:00
cgr
cgr
CVE-2024-21626 vulnerabilities
2024-05-08 15:29:42
rocky
rocky
container-tools:rhel8 security update
2024-02-12 20:17:26
prion
prion
Design/Logic Flaw
2024-01-31 22:15:00
ubuntu
ubuntu
runC vulnerability
2024-01-31 00:00:00
debiancve
debiancve
CVE-2024-21626
2024-01-31 22:15:53
zdt
zdt
runc 1.1.11 File Descriptor Leak Privilege Escalation Exploit
2024-02-05 00:00:00
attackerkb
attackerkb
CVE-2019-5736
2019-02-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2393
2024-04-11 07:16:35
thn
thn
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
2024-01-31 20:00:00
securelist
securelist
Exploits and vulnerabilities in Q1 2024
2024-05-07 10:00:39
avleonov
avleonov
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
8.6 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.051 Low
EPSS
Percentile
92.9%
Related for WOLFI:CVE-2024-21626