Vulnerabilities (CVE)

Filtered by vendor Canonical Subscribe
Filtered by product Multipass
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3747 2 Apple, Canonical 2 Macos, Multipass 2024-11-21 4.6 MEDIUM 8.8 HIGH
The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner.
CVE-2021-3626 2 Canonical, Microsoft 2 Multipass, Windows 2024-11-21 4.6 MEDIUM 8.8 HIGH
The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation.