Exploit for File Descriptor Leak in Linuxfoundation Runc

CVE-2024-21626-POC Instructions For educational/research pu...

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

Moby and the Open Container Initiative OCI have released updates for multiple vulnerabilities CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626 affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take...

Exploit for Path Traversal in Jenkins

Jenkins CVE-2024-23897 PoC A proof-of-concept PoC for CVE-2...

PT-2024-20534 · Crafatar · Crafatar

Name of the Vulnerable Software and Affected Versions: Crafatar versions prior to 2.1.5 Description: Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind...

GHSA-3FWX-PJGW-3558 Moby (Docker Engine) Insufficiently restricted permissions on data directory

Impact A bug was found in Moby Docker Engine where the data directory typically /var/lib/docker contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable...

Moby (Docker Engine) Insufficiently restricted permissions on data directory

Impact A bug was found in Moby Docker Engine where the data directory typically /var/lib/docker contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable...

GHSA-QRQR-3X5J-2XW9 Docker Authentication Bypass

An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root...

Docker Authentication Bypass

An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root...

GHSA-6FJ5-M822-RQX8 moby docker daemon crash during image pull of malicious image

Impact Pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Patches Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing. Credits Maintainers would like to thank Josh Larsen, Ian Coldwater, Duffie Cooley, Rory McCune for working on th...

moby Access to remapped root allows privilege escalation to real root

Impact When using --userns-remap, if the root user in the remapped namespace has access to the host filesystem they can modify files under /var/lib/docker/ that cause writing files with extended privileges. Patches Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation fr...

GHSA-7452-XQPJ-6RPC moby Access to remapped root allows privilege escalation to real root

Impact When using --userns-remap, if the root user in the remapped namespace has access to the host filesystem they can modify files under /var/lib/docker/ that cause writing files with extended privileges. Patches Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation fr...

Path Traversal in Moby builder

util/binfmtmisc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call...

GHSA-6HWG-W5JG-9C6X Path Traversal in Moby builder

util/binfmtmisc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call...

GHSA-XR7R-F8XQ-VFVV runc vulnerable to container breakout through process.cwd trickery and leaked fds

Impact In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem "attack 2". Th...

GHSA-M3R6-H7WV-7XXV vulnerabilities

Vulnerabilities for packages: skaffold, kubescape, docker, guac, zot, buildkitd, kaniko, scorecard, conftest, trivy, datadog-agent...

GHSA-4V98-7QMW-RQR8 vulnerabilities

Vulnerabilities for packages: skaffold, kubescape, docker, guac, zot, buildkitd, kaniko, scorecard, conftest, trivy, datadog-agent...

GHSA-4V98-7QMW-RQR8 vulnerabilities

Vulnerabilities for packages: kaniko, zot, kubescape, datadog-agent-fips, conftest, skaffold, buildkitd, trivy, docker, guac, scorecard, conftest-fips, datadog-agent...

CVE-2024-23652 vulnerabilities

Vulnerabilities for packages: kaniko, zot, kubescape, datadog-agent-fips, conftest, skaffold, buildkitd, trivy, docker, guac, scorecard, conftest-fips, datadog-agent...

AZL-35439 CVE-2024-23653 affecting package docker-compose for versions less than 2.27.0-1

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask...

CVE-2024-23653 vulnerabilities

Vulnerabilities for packages: kaniko, zot, kubescape, datadog-agent-fips, conftest, skaffold, buildkitd, trivy, docker, guac, scorecard, conftest-fips, datadog-agent...