Количество 17
Количество 17
CVE-2021-32760
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.
CVE-2021-32760
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.
CVE-2021-32760
containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files.
CVE-2021-32760
Archive package allows chmod of file outside of unpack target directory
CVE-2021-32760
containerd is a container runtime. A bug was found in containerd versi ...
openSUSE-SU-2021:2412-1
Security update for containerd
openSUSE-SU-2021:1081-1
Security update for containerd
SUSE-SU-2021:2413-1
Security update for containerd
SUSE-SU-2021:2412-1
Security update for containerd
GHSA-c72p-9xmj-rx3w
Archive package allows chmod of file outside of unpack target directory
ELSA-2021-9373
ELSA-2021-9373: containerd security update (IMPORTANT)
ELSA-2021-15790
ELSA-2021-15790: containerd security update (IMPORTANT)
BDU:2021-04214
Уязвимость реализации команды chmod среды выполнения контейнеров Containerd, позволяющая нарушителю повысить свои привилегии
openSUSE-SU-2021:3506-1
Security update for containerd, docker, runc
openSUSE-SU-2021:1404-1
Security update for containerd, docker, runc
SUSE-SU-2021:3506-1
Security update for containerd, docker, runc
SUSE-SU-2021:3336-1
Security update for containerd, docker, runc
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-32760 containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files. | CVSS3: 5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-32760 containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files. | CVSS3: 5.5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-32760 containerd is a container runtime. A bug was found in containerd versions prior to 1.4.8 and 1.5.4 where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in containerd 1.5.4 and 1.4.8. As a workaround, ensure that users only pull images from trusted sources. Linux security modules (LSMs) like SELinux and AppArmor can limit the files potentially affected by this bug through policies and profiles that prevent containerd from interacting with specific files. | CVSS3: 5 | 0% Низкий | больше 4 лет назад |
 | CVE-2021-32760 Archive package allows chmod of file outside of unpack target directory | CVSS3: 6.3 | 0% Низкий | больше 4 лет назад |
| CVE-2021-32760 containerd is a container runtime. A bug was found in containerd versi ... | CVSS3: 5 | 0% Низкий | больше 4 лет назад |
 | openSUSE-SU-2021:2412-1 Security update for containerd | 0% Низкий | больше 4 лет назад | |
| openSUSE-SU-2021:1081-1 Security update for containerd | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:2413-1 Security update for containerd | 0% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:2412-1 Security update for containerd | 0% Низкий | больше 4 лет назад | |
| GHSA-c72p-9xmj-rx3w Archive package allows chmod of file outside of unpack target directory | CVSS3: 5 | 0% Низкий | больше 4 лет назад |
| ELSA-2021-9373 ELSA-2021-9373: containerd security update (IMPORTANT) | больше 4 лет назад | ||
| ELSA-2021-15790 ELSA-2021-15790: containerd security update (IMPORTANT) | больше 4 лет назад | ||
 | BDU:2021-04214 Уязвимость реализации команды chmod среды выполнения контейнеров Containerd, позволяющая нарушителю повысить свои привилегии | CVSS3: 5 | 0% Низкий | больше 4 лет назад |
| openSUSE-SU-2021:3506-1 Security update for containerd, docker, runc | больше 4 лет назад | ||
| openSUSE-SU-2021:1404-1 Security update for containerd, docker, runc | больше 4 лет назад | ||
| SUSE-SU-2021:3506-1 Security update for containerd, docker, runc | больше 4 лет назад | ||
| SUSE-SU-2021:3336-1 Security update for containerd, docker, runc | больше 4 лет назад |
Уязвимостей на страницу