9 matches found
CVE-2026-45661
Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with Dokploy's remote serve...
CVE-2026-45661
Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with Dokploy's remote serve...
CVE-2026-45661 Dokploy: Remote Code Execution through Path Traversal
Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitrary files to the filesystem during application deployment. When combined with Dokploy's remote serve...
Docker Desktop 安全漏洞
Docker Desktop is a desktop software by the American company Docker, based on container technology, designed for lightweight application deployment. This product provides a desktop environment that allows creating containers lightweight virtual machines on Linux/Windows/Mac OS systems, as well as...
CVE-2026-35044
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the Dockerfile generation function generatecontainerfile in src/bentoml/internal/container/generate.py uses an unsandboxed jinja2.Environment with the jinja2.ext.do extensio...
CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root
Executive Summary Qualys TRU has discovered confused deputy vulnerabilities in AppArmor named "CrackArmor" that allow unprivileged users to bypass kernel protections, escalate to root, and break container isolation. The flaw has existed since 2017, and affected over 12.6 million systems globally...
Astra Linux – Vulnerability in golang-github-containers-common, libpod
A flaw was discovered in Go. When FIPS mode is enabled on a system, container runtime may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host...
Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host...
AZL-50070 CVE-2024-9341 affecting package podman for versions less than 5.6.1-2
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host...