VYPR

rpm package

opensuse/incus&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/incus&distro=openSUSE%20Tumbleweed

Vulnerabilities (11)

  • CVE-2026-33945 Cri Mar 27, 2026
    affected < 6.23-1.1, fixed 6.23-1.1

    Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something lik

  • CVE-2026-33898 Hig Mar 27, 2026
    affected < 6.23-1.1, fixed 6.23-1.1

    Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server spawned by `incus webui` incorrectly validates the authentication token such that an invalid value will be accepted. `incus webui` runs a local web server on a random localhost port.

  • CVE-2026-33897 Mar 26, 2026
    affected < 6.23-1.1, fixed 6.23-1.1

    Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary reads or writes as root on the host server. Incus allows for pongo2 templates within instances which can be used at various times in the instanc

  • CVE-2026-33743 Mar 26, 2026
    affected < 6.23-1.1, fixed 6.23-1.1

    Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by a user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server of

  • CVE-2026-33711 Mar 26, 2026
    affected < 6.23-1.1, fixed 6.23-1.1

    Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.

  • CVE-2026-33542 Mar 26, 2026
    affected < 6.23-1.1, fixed 6.23-1.1

    Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to r

  • CVE-2026-23954 Jan 22, 2026
    affected < 6.22-1.1, fixed 6.22-1.1

    Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g. a member of the ‘incus’ group) to use directory traversal or symbolic links in the templating functionality to achieve h

  • CVE-2026-23953 Jan 22, 2026
    affected < 6.22-1.1, fixed 6.22-1.1

    Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g. a member of the ‘incus’ group) can create an environment variable containing newlines, which can be used to a

  • CVE-2025-52881 Nov 6, 2025
    affected < 6.17-2.1, fixed 6.17-2.1

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have

  • CVE-2025-52890 Hig Jun 25, 2025
    affected < 6.14-1.1, fixed 6.14-1.1

    Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13 generate nftables rules that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filteri

  • CVE-2025-52889 Low Jun 25, 2025
    affected < 6.14-1.1, fixed 6.14-1.1

    Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13 generate nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filtering`, `security.ipv4_fil