7 matches found
UNIX Symbolic Link (Symlink) Following
Overview: Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...
Docker: Race condition in docker cp allows bind mount redirection to host path
Summary: A race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. Details: When copying files into a container, the daemon sets up a temporary filesystem vie...
Linux Distros Unpatched Vulnerability : CVE-2026-23924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.containerinfo' parameters when forwarding them to the Docker daemon. An attacker capable of...
CVE-2026-23924
Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.containerinfo' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API...
UBUNTU-CVE-2026-23924
Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.containerinfo' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API...
PT-2026-27477
Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.containerinfo' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API...
big-map-archive-api-client (>=0.0.1 <=1.2.0), dash-tools (>=1.6.0 <=1.11.1) +16 more potentially affected by CVE-2023-31543 via pipreqs (>=0.4.10 <=0.4.11)
pipreqs PYPI version =0.4.10, =0.0.1, =1.6.0, =0.0.6, =1.0.3, =1.1.5, =0.3.37, =0.0.5, =0.2.20, =0.0.1, =1.0.0, =1.0.2 and more Source cves: CVE-2023-31543 Source advisory: OSV:PYSEC-2023-99...