9153 matches found
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...
GHSA-VP62-88P7-QQF5 Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap
Summary A race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem. This advisory covers the race during mountpoint creation. The related race during the subsequent mount syscall is tracked in...
Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap
Summary A race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem. This advisory covers the race during mountpoint creation. The related race during the subsequent mount syscall is tracked in...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...
UNIX Symbolic Link (Symlink) Following
Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...
Docker: `PUT /containers/{id}/archive` executes container binary on the host
Summary When a user uploads a compressed archive into a container, a malicious image can execute arbitrary code with daemon host root privileges. Details When handling PUT /containers/id/archive requests with compressed archives, the daemon decompresses them using external system binaries. Due to...
Uncontrolled Search Path Element
Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element during the archive decompression for PUT /containers/id/archive API requests. An attacker can execute arbitrary code on the host with daemon privileges by uploading a compressed archive containing a...
CLEANSTART-2026-HI89495 Security fixes for CVE-2019-13509, CVE-2019-14271, CVE-2020-13401, CVE-2021-21285, CVE-2021-41089, CVE-2022-29526, CVE-2023-26054, CVE-2024-23650, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-24557, CVE-2024-41110, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33748, CVE-2026-33810, CVE-2026-39882, CVE-2026-39883, CVE-2026-39984, ghsa-4c29-8rgm-jvjj, ghsa-4vrq-3vrq-g6gg, ghsa-78h2-9frx-2jm8, ghsa-hfvc-g4fc-pqhx, ghsa-w8rr-5gcm-pp58, ghsa-xm5m-wgh2-rrg3, ghsa-xmrv-pmrh-hhx2 applied in versions: 18.09.7-r0, 18.09.8-r0, 19.03.1-r0, 19.03.11-r0, 19.03.14-r0, 20.10.11-r0, 20.10.14-r0, 20.10.16-r0, 20.10.18-r0, 20.10.20-r0, 20.10.3-r0, 20.10.9-r0, 23.0.2-r0, 23.0.3-r0, 25.0.2-r0, 26.0.0-r0, 26.0.2-r0, 26.1.5-r0, 29.3.0-r1
Multiple security vulnerabilities affect the docker package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-FK40318 Security fixes for CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33747, CVE-2026-33748, CVE-2026-34040, CVE-2026-39882, CVE-2026-39883, ghsa-4c29-8rgm-jvjj, ghsa-4vrq-3vrq-g6gg, ghsa-hfvc-g4fc-pqhx, ghsa-p77j-4mvh-x3m3, ghsa-w8rr-5gcm-pp58 applied in versions: 5.1.0-r0
Multiple security vulnerabilities affect the docker-compose package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-LI56163 Security fixes for CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 1.0.8-r0, 1.0.8-r1
Multiple security vulnerabilities affect the confluent-cp-docker-utils package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-RD06185 Security fixes for CVE-2024-29371, CVE-2026-1225, CVE-2026-24281, CVE-2026-24308, CVE-2026-42577, CVE-2026-42583, ghsa-25qh-j22f-pwp8, ghsa-3677-xxcr-wjqv, ghsa-72hv-8253-57qq, ghsa-7xrh-hqfc-g7qr, ghsa-crhr-qqj8-rpxc, ghsa-mj4r-2hfc-f8p6, ghsa-qqpg-mvqg-649v, ghsa-rwm7-x88c-3g2p applied in versions: 7.6.9-r2, 7.6.9-r3, 7.6.9-r4, 7.6.9-r5
Multiple security vulnerabilities affect the confluent-common-docker package. These issues are resolved in later releases. See references for individual vulnerability details...
Security update for zypper-docker
This update for zypper-docker fixes the following issues CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259563. CVE-2026-33186: google.golang.org/grpc: authorization bypass...
SUSE-SU-2026:1951-1 Security update for zypper-docker
This update for zypper-docker fixes the following issues - CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259563. - CVE-2026-33186: google.golang.org/grpc: authorization...
Docker_MCP_POC
Java vulnerable scan POC Minimal Maven project used to comp...
Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
🚀 Automated Log4Shell CVE-2021-44228 Play & Plug Lab An aut...
PT-2026-41766
Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Description A race condition occurs during the mount setup of docker cp, allowing a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem with root...
PT-2026-41767
Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Description A race condition occurs during the mount setup of the docker cp command. When copying files into a container, the daemon creates a temporary filesystem view by bind-mounting volumes. A process...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Security Lab "React2Shell" This repository c...