CVE-2020-8945

CVE-2020-8945 affects the proglottis/gpgme Go wrapper (before 0.1.1) used for GPGME during container image pulls by Docker or CRI-O. The described issue is a use-after-free in the GPGME bindings, which can lead to a crash or potential code execution during GPG signature verification. The descript...

CVE-2020-8945

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification...

DEBIAN-CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

Improper access control

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

PT-2020-20383 · Proglottis +3 · Proglottis Go Wrapper +3

Name of the Vulnerable Software and Affected Versions: proglottis Go wrapper versions prior to 0.1.1 Description: The issue is related to a use-after-free problem, which can cause a crash or potentially allow code execution during GPG signature verification. This is due to improper memory...

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVE-2019-19921

Technical details about CVE-2019-19921 are not publicly available in the provided Connected documents. The entries reference related advisories, but no concrete affected versions, root cause, or fixes are included here. Monitor for updates.

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This vulnerability does not...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The repository contains a variety of vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and more. The environments are designed to be easy to use and require no pre-existing knowledge of...

Agente - Distributed Simple And Robust Release Management And Monitoring System

Distributed simple and robust release management and monitoring system. This project on going work. Road map Core system First worker agent Management dashboard Jenkins vs CI tool extensions Management dashboard First master agent All relevant third-party system integrations version control, CI,...

Docker Registries Expose Hundreds of Orgs to Malware, Data Theft

A slew of misconfigured Docker container registries has inadvertently exposed source code for 15,887 unique versions of applications owned by research institutes, retailers, news media organizations and technology companies. According to Palo Alto Networks’ Unit 42 division, the registries lacked...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability class/vector is not specified, but the environments are designed to be vulnerable to various attacks. The probable entry points are not explicitly stated, but the environments are likely to be...

SUSE SLED15 / SLES15 Security Update : docker-runc (SUSE-SU-2020:0375-1)

This update for docker-runc fixes the following issues : CVE-2019-19921: Fixed a volume mount race condition with shared mounts bsc1160452. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

Netdata - Real-time Performance Monitoring

Netdata is distributed, real-time, performance and health monitoring for systems and applications. It is a highly-optimized monitoring agent you install on all your systems and containers. Netdata provides unparalleled insights , in real-time , of everything happening on the systems it runs...

DEBIAN-CVE-2014-5278

A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs...

CVE-2014-5278

A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs...