
61 matches found

CVE
added 2024/07/24 4:49 p.m. | 826 views

CVE-2024-41110

CVE-2024-41110 affects Docker Engine/AuthZ: an Engine API request could be forwarded to an authorization plugin without the body, potentially allowing actions the plugin would deny if the body were present, enabling privilege escalation under certain conditions. The issue was fixed in Docker Engi...

9.9 CVSS | 9.4 AI score | 0.03345 EPSS
Exploits 0 | References 14
The Hacker News
added 2023/07/06 10:38 a.m. | 41 views

Silentbob Campaign: Cloud-Native Environments Under Attack

Cybersecurity researchers have unearthed an attack infrastructure that's being used as part of a "potentially massive campaign" against cloud-native environments. "This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to...

9.8 CVSS | 6.7 AI score | 0.9212 EPSS
Exploits 9
ThreatPost
added 2021/12/29 2:26 p.m. | 20 views

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

Hackers behind a cryptomining campaign have managed to avoid detection since 2019. The attacks exploited misconfigured Docker APIs that allowed them to gain network entry and ultimately set up a backdoor on compromised hosts to mine cryptocurrency, researchers said. The attack technique is...

7.9 AI score
Exploits 0 | References 6
CNVD
added 2021/01/08 12:0 a.m. | 2 views

Gotenberg Directory Traversal Vulnerability (CNVD-2021-03336)

Gotenberg is a Docker-powered stateless API for converting HTML, Markdown and Office documents to PDF. A directory traversal vulnerability exists in Gotenberg 6.2.1 and earlier versions of the Markdown engine. An attacker can exploit this vulnerability to read any container file...

7.5 CVSS | 6.7 AI score | 0.0065 EPSS
Exploits 2 | References 1
CNNVD
added 2021/01/04 12:0 a.m. | 1 views

Thecodingmachine Gotenberg Security Vulnerability

Gotenberg is a Docker-powered stateless API for converting HTML, Markdown and Office documents to PDF. Gotenberg 6.2.1 and earlier versions are vulnerable. An attacker can exploit this vulnerability to overwrite LibreOffice configuration files and execute arbitrary code via macros...

9.8 CVSS | 7.6 AI score | 0.00578 EPSS
Exploits 2 | References 4
RedHat Linux
added 2020/10/27 2:53 p.m. | 0 views

podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API

An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an...

5.3 CVSS | 7.1 AI score | 0.00177 EPSS
Exploits 0 | References 4
Hacker One
added 2020/08/10 3:8 p.m. | 50 views

GitLab: GitLab-Runner on Windows `DOCKER_AUTH_CONFIG` container host Command Injection

Summary: GitLab-Runner, when running on Windows with a docker executor, is vulnerable to Command Injection via the `DOCKER_AUTH_CONFIG` build variable. Injected commands are executed on the container host, not within a Docker container, as such could compromise all future builds which are executed by...

2.1 AI score
Exploits 0
The Hacker News
added 2020/07/28 12:40 p.m. | 1 views

Undetectable Linux Malware Targeting Docker Servers With Exposed APIs

Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud. Docker is a popular...

6.1 AI score
Exploits 0
Tenable Nessus
added 2019/11/25 12:0 a.m. | 41 views

Fedora 30 : rsyslog (2019-1fb95ae48d)

rebase to upstream version 8.1911.0. New modules available: ClickHouse output; generic REST API http output; docker API input; misc. external program input takes output of specified binary as log source. Note that Tenable Network Security has...

9.8 CVSS | 7.2 AI score | 0.01796 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2019/11/22 12:0 a.m. | 31 views

Fedora 31 : rsyslog (2019-ea7d5876a4)

rebase to upstream version 8.1911.0. New modules available: ClickHouse output; generic REST API http output; docker API input; misc. external program input takes output of specified binary as log source. Note that Tenable Network Security has...

9.8 CVSS | 7.2 AI score | 0.01796 EPSS
Exploits 0 | References 4
AlpineLinux
added 2019/07/18 3:34 p.m. | 68 views

CVE-2019-13509

In Docker CE and EE before 18.09.8 as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10, Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes non external secrets. I...

7.5 CVSS | 7.9 AI score | 0.0152 EPSS
Exploits 0
Veracode
added 2018/06/25 3:56 a.m. | 6 views

Server Side Request Forgery (SSRF) Via Unauthorised Access To Docker API

github.com/portainer/portainer is vulnerable to unauthorized access to docker API. The access is granted as the application does not validate the endpoint access requests, allowing unauthorized users to access internal Docker API, consequently allowing an attacker to leverage server side request...

6.7 AI score
Exploits 0
Hacker One
added 2018/06/15 2:58 p.m. | 25 views

Uber: [data-07.uberinternal.com] SSRF in Portainer app lead to access to Internal Docker API without Auth

Vulnerability description not provided...

7.1 AI score
Exploits 0
Prion
added 2017/10/31 7:29 p.m. | 14 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to email protected e469cf49-4de3-4658-8419-ab42837916ad. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

9 CVSS | 8.9 AI score | 0.13979 EPSS
Exploits 0 | References 3
NVD
added 2017/10/31 7:29 p.m. | 10 views

CVE-2017-10940

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to [email protected] e469cf49-4de3-4658-8419-ab42837916ad. An attacker must first obtain the ability to execute low-privileg...

9 CVSS | 8.9 AI score | 0.13979 EPSS
Exploits 0 | References 3
Cvelist
added 2017/10/31 7:0 p.m. | 18 views

CVE-2017-10940

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to [email protected] e469cf49-4de3-4658-8419-ab42837916ad. An attacker must first obtain the ability to execute low-privileg...

8.9 AI score | 0.13979 EPSS
Exploits 0 | References 3
CVE
added 2017/10/31 7:0 p.m. | 41 views

CVE-2017-10940

CVE-2017-10940 affects Joyent Smart Data Center before [email protected]. The Docker API flaw does not properly validate user-supplied data, enabling an attacker who can run low-privileged code to upload arbitrary files and escalate to root execution. Exp...

9 CVSS | 8.9 AI score | 0.13979 EPSS
Exploits 0 | References 3 | Affected Software 1
Zero Day Initiative
added 2017/07/07 12:0 a.m. | 26 views

Joyent Smart Data Center Docker API Zone Escape Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

9 CVSS | 5.1 AI score | 0.13979 EPSS
Exploits 0 | References 1
CNVD
added 2016/08/23 12:0 a.m. | 3 views

Joyent Smart Data Center 'Docker API' Local Elevation of Privilege Vulnerability

Joyent Smart Data Center SDC is an open source cloud management platform from Joyent, Inc. A local elevation of privilege vulnerability exists in the Joyent Smart Data Center 'Docker API'. A local attacker could exploit this vulnerability to execute arbitrary code with elevated privileges...

7.8 AI score
Exploits 0 | References 1
Zero Day Initiative
added 2016/08/10 12:0 a.m. | 9 views

Joyent Smart Data Center Docker API Zone Escape Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within a Docker...

6.9 CVSS | 7 AI score
Exploits 0