Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incus vulnerable to denial of source through crafted bucket backup file
Vulnerability Description
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a denial of service of the control plane API. This does not impact any running workload, existing containers and virtual machines will keep operating. Version 6.23.0 fixes the issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Incus 安全漏洞
Vulnerability Description
Incus是LXC开源的一个系统容器和虚拟机管理器。 Incus 6.23.0之前版本存在安全漏洞,该漏洞源于特制存储桶备份可被利用,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A