Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8
CVE-2026-30892
- EPSS 0.02%
- Veröffentlicht 25.03.2026 23:57:01
- Zuletzt bearbeitet 27.03.2026 20:29:27
crun is an open source OCI Container Runtime fully written in C. In versions 1.19 through 1.26, the `crun exec` option `-u` (`--user`) is incorrectly parsed. The value `1` is interpreted as UID 0 and GID 0 when it should have been UID 1 and GID 0. ...
7.5
CVE-2022-27650
- EPSS 0.15%
- Veröffentlicht 04.04.2022 20:15:10
- Zuletzt bearbeitet 21.11.2024 06:56:06
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. ...
8.6
CVE-2019-18837
- EPSS 0.56%
- Veröffentlicht 13.11.2019 20:15:10
- Zuletzt bearbeitet 21.11.2024 04:33:40
An issue was discovered in crun before 0.10.5. With a crafted image, it doesn't correctly check whether a target is a symlink, resulting in access to files outside of the container. This occurs in libcrun/linux.c and libcrun/chroot_realpath.c.
1