150 matches found
CVE-2024-9341
CVE-2024-9341 is a vulnerability in the containers/common Go library that can occur when FIPS mode is enabled, enabling symbolic-link-based mounting to trick the host into mounting sensitive host directories inside a container and potentially accessing host files. Related advisories indicate affe...
ROS-20240503-09
Vulnerability in the IPv6 implementation of the container isolation software tool Moby is related to disclosure of information in an erroneous data area. Exploitation of the vulnerability could allow an attacker to obtain sensitive information...
The vulnerability of the IPv6 protocol implementation in the software environment for creating containerized systems called Moby allows a attacker to obtain confidential information.
The vulnerability of the IPv6 protocol implementation for the Moby container isolation system is related to the disclosure of information in the erroneous data field. Exploiting this vulnerability can allow an attacker to obtain confidential information...
The vulnerability of the Moby container isolation system creation software lies in the lack of proper validation for the incoming requests. This allows a malicious actor to gain unauthorized access to protected information.
The vulnerability of the Moby container isolation system creation software lies in the lack of checks for the correctness of the requests received. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2023-5165
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
CVE-2023-5165
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
Design/Logic Flaw
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
PT-2023-5446 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions 4.13.0 through 4.22.x Description: The issue is related to insufficient authorization procedures in Docker Desktop, allowing an unprivileged user to bypass Enhanced Container Isolation ECI restrictions. This can be...
Docker Desktop Security Vulnerabilities
Docker Desktop is a container technology-based desktop software for lightweight deployment of applications from the U.S. company Docker. The product provides a desktop environment that supports creating a container lightweight virtual machine and deploying and running applications on...
CVE-2023-1636 Incomplete container isolation
A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is...
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON...
CVE-2022-41739 IBM Spectrum Scale privilege escalation
IBM Spectrum Scale IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 could allow programs running inside the container to overcome isolation mechanism and gain additional capabilities or access sensitive information on the host. IBM X-Force ID: 237815...
barbican 安全漏洞
barbican is an OpenStack key management service, API server. A security vulnerability exists in barbican that stems from a container isolation flaw in Red Hat OpenStack that allows an attacker to have limited authentication and access to the Barbican container, potentially allowing access to othe...
CVE-2023-0629
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
CVE-2023-0629
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
Design/Logic Flaw
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
CVE-2023-0629 Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
CVE-2023-0629 Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock, or npipe:////.pipe/dockerenginelinux on Windows, via the -H --host CLI flag or the DOCKERHOST environment variable and launch containers...
CVE-2023-0629
Summary: CVE-2023-0629 affects Docker Desktop prior to 4.17.0, where an unprivileged user can bypass Enhanced Container Isolation (ECI) by setting the Docker host to docker.raw.sock or npipe:////.pipe/docker_engine_linux (Windows) via -H/DOCKER_HOST, allowing containers to run with reduced harden...
PT-2023-1878 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions 4.13.0 through 4.16.x Description: The issue allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions by setting the Docker host to docker.raw.sock or npipe:////.pipe/docker engine linux on...