16 matches found
CVE-2026-23846
Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially...
CVE-2026-23846
Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially...
CVE-2026-23846
CVE-2026-23846 — Tugtainer password exposure : Tugtainer (self-hosted Docker updater) before version 1.16.1 transmits passwords via URL query parameters instead of the HTTP request body. This enables passwords to be logged in server access logs and potentially exposed through browser history, Ref...
CVE-2026-23846 Tugtainer vulnerable to Password Exposure via URL Query Parameter
Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially...
EUVD-2026-3294
Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially...
CVE-2026-23846 Tugtainer vulnerable to Password Exposure via URL Query Parameter
Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially...
Tugtainer security vulnerabilities
Tugtainer is an automated Docker container update application with a web interface, developed by Eugene Savin. Versions of Tugtainer prior to 1.16.1 contained security vulnerabilities. These vulnerabilities stemmed from the password authentication mechanism, which transmitted passwords via URL...
CVE-2025-69201
Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent POST api/command/run. Version 1.15.1 fixes the issue...
CVE-2025-69201
Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent POST api/command/run. Version 1.15.1 fixes the issue...
CVE-2025-69201 Tugtainer has RCE in Agent Command Execution Api
Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent POST api/command/run. Version 1.15.1 fixes the issue...
EUVD-2025-205598
Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent POST api/command/run. Version 1.15.1 fixes the issue...
CVE-2025-69201
CVE-2025-69201 (Tugtainer) affects the tugtainer-agent API, where the POST api/command/run endpoint is vulnerable to arbitrary argument injection. The issue exists in versions prior to 1.15.1 and is fixed in 1.15.1. Documented impact is remote command execution via the affected endpoint, with the...
CVE-2025-69201 Tugtainer has RCE in Agent Command Execution Api
Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent POST api/command/run. Version 1.15.1 fixes the issue...
CVE-2025-69201 Tugtainer has RCE in Agent Command Execution Api
Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.15.1, arbitary arguments can be injected in tugtainer-agent POST api/command/run. Version 1.15.1 fixes the issue...
Tugtainer 命令注入漏洞
Tugtainer is an automated Docker container update application with a web UI by the individual developer Eugene Savin. A command injection vulnerability exists in Tugtainer versions prior to 1.15.1, which stems from the POST api/command/run interface of tugtainer-agent that can inject arbitrary...
PT-2025-53753
Name of the Vulnerable Software and Affected Versions Tugtainer versions prior to 1.15.1 Description Tugtainer is a self-hosted application designed for automating updates of docker containers. A flaw exists where arbitrary arguments can be injected. This occurs through the POST api/command/run...