4 matches found
SUSE CVE-2026-24740
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle's agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out-of-scope containers for example, env=prod on the same agen...
CVE-2026-24740
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
CVE-2026-24740 Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access
Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters for example, label=env=dev to obtain an interactive root shell in out‑of‑scope containers for example, env=prod on the same agen...
CVE-2026-24740
creationtimestamp| type| source ---|---|--- 2026-01-26 16:22:59+00:00| published-proof-of-concept| https://github.com/amir20/dozzle/security/advisories/GHSA-m855-r557-5rc5 2026-01-27 23:34:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdgwd7e5ao2c...