Lfprojects Apptainer vulnerabilities

CVE-2025-65105 [MEDIUM] CWE-61 CVE-2025-65105: Apptainer is an open source container platform. In Apptainer versions less than 1.4.5, a container c Apptainer is an open source container platform. In Apptainer versions less than 1.4.5, a container can disable two of the forms of the little used --security option, in particular the forms --security=apparmor: and --security=selinux: which otherwise put restrictions on operations that containers can do. The --security option has always been mentione

CVE-2023-38496 [LOW] CWE-269 CVE-2023-38496: Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privile Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft a starter config to delete any directory on the host file

CVE-2023-30549 [HIGH] CWE-416 CVE-2023-30549: Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 p