9237 matches found
CVE-2024-8696
CVE-2024-8696 affects Docker Desktop versions before 4.34.2. The issue is a remote code execution (RCE) vulnerability that can be abused by a malicious extension via crafted extension publisher-url/additional-urls. Multiple connected sources corroborate an RCE risk tied to extension handling, wit...
CVE-2024-8696 A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2.
A remote code execution RCE vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2...
CVE-2024-8696 A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2.
A remote code execution RCE vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2...
CVE-2024-8695 A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2.
A remote code execution RCE vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2...
CVE-2024-8695
Summary: CVE-2024-8695 affects Docker Desktop before 4.34.2, with a remote code execution (RCE) flaw exploitable via crafted extension descriptions or changelogs. The vulnerability is triggered when a malicious extension uses these fields, potentially allowing code execution on the host. The thre...
CVE-2024-8695 A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2.
A remote code execution RCE vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2...
PT-2024-39182 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.34.2 Description: A remote code execution vulnerability exists via crafted extension description or changelog, which could be exploited by a malicious extension. Recommendations: For Docker Desktop versions...
Docker Desktop 安全漏洞
Docker Desktop is a desktop software for lightweight deployment of applications based on container technology from Docker Inc. in the United States. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...
Docker Desktop 安全漏洞
Docker Desktop is a desktop software for lightweight deployment of applications based on container technology from Docker Inc. in the United States. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...
PT-2024-39183 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.34.2 Description: A remote code execution RCE vulnerability exists via crafted extension publisher-url/additional-urls that could be abused by a malicious extension. This issue can be exploited to execute co...
EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-2385)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...
EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-2360)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2411)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2434)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2385)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2360)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-2434)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-2411)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...
Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs
Summary The AWS Serverless Application Model SAM CLI is an open source tool that allows customers to build, deploy and test their serverless applications built on AWS. AWS SAM CLI can build container Docker images and customers can specify arguments in the SAM template that are passed to the Dock...
AWS SageMaker Training Toolkit logs CodeArtifact Authorization token
Description For SageMaker Training Toolkit1 versions 4.7.4; 4.7.3; 4.7.2; 4.7.1; 4.7.0, the authorization tokens for CodeArtifact temporary token with an expiration of 12 hours were logged in the log files when the CodeArtifact capability was enabled. If customers push these log files to their...