Docker path traversal vulnerability

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

Docker Resource Management Error Vulnerability (CNVD-2021-27276)

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

Fedora: Security Advisory for skopeo (FEDORA-2021-fb466fb623)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

BugBountyScanner - A Bash Script And Docker Image For Bug Bounty Reconnaissance

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use. Low on resources, high on information output. Helpful? BugBountyScanner helped you net a bounty? Description Note: Using the script over a VPN is highly recommended. It's recommended to run BugBountyScanner...

CVE-2021-20182

A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as...

CVE-2021-20182

A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as...

Privilege escalation

A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as...

CVE-2021-20182

A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as...

CVE-2021-20182

CVE-2021-20182 describes a privilege-escalation flaw in the OpenShift builder component openshift4/ose-docker-builder. The build container runs with high privileges in a chrooted environment instead of using runc, which could allow an attacker with access to the build container to access raw node...

Exploit for SQL Injection in Zabbix

This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVEs mentioned in the repository are CVE-2016-10134, CVE-2017-2824, and CVE-2020-11800. The target product/service or framework is not explicitl...

vulhub

This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is an offensive tool for testing and demonstrating vulnerabilities in various software and systems. The primary vulnerability class targeted by Vulhub is not explicitly stated, but it...

Horusec - An Open Source Tool That Improves Identification Of Vulnerabilities In Your Project With Just One Command

Horusec is an open source tool that performs static code analysis to identify security flaws during the development process. Currently, the languages for analysis are: C, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart. The tool has...

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments, known as Vulhub. It is an offensive tool for testing and practicing vulnerability exploitation. The primary vulnerability targeted by this repository is not explicitly stated, but it includes various...

Oracle Linux 8 : container-tools:ol8 (ELSA-2021-0531)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-0531 advisory. buildah 1.16.7-4.0.1 - Handling redirect from the docker registry Orabug: 29874238 Nikita Gerasimov 1.16.7-4 - update to the latest content of...

podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API

An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an...

openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2021-278)

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues : Security issues fixed : - CVE-2020-15257: Fixed a privilege escalation in containerd bsc1178969. - CVE-2021-21284: potential privilege escalation when the root user in the remapped...

RHEL 8 : container-tools:rhel8 (RHSA-2021:0531)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0531 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: podman: environment...

Damn-Vulnerable-GraphQL-Application - Damn Vulnerable GraphQL Application Is An Intentionally Vulnerable Implementation Of Facebook's GraphQL Technology, To Learn And Practice GraphQL Security

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. About DVGA Damn Vulnerable GraphQL is a deliberately weak and insecure implementation of GraphQL that provides a safe environment to attack a...

SUSE-SU-2021:0445-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Update Docker to 19.03.15-ce: - CVE-2021-21284: potential privilege escalation when the root user in the remapped namespace has access to the host filesystem bsc1181732 - CVE-2021-21285:...

OPENSUSE-SU-2021:0278-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Security issues fixed: - CVE-2020-15257: Fixed a privilege escalation in containerd bsc1178969. - CVE-2021-21284: potential privilege escalation when the root user in the remapped namespac...