
42 matches found

OSV | added 2026/05/18 5:52 p.m. | 5 views

GHSA-VP62-88P7-QQF5 Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap

Summary A race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem. This advisory covers the race during mountpoint creation. The related race during the subsequent mount syscall is tracked in...

CVSS 6.1 | AI score 5.9 | EPSS 0.001
Exploits 0 | References 3
Github Security Blog | added 2026/05/18 5:52 p.m. | 15 views

Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap

Summary A race condition during docker cp mount setup allows a malicious container to create empty files or directories at arbitrary absolute paths on the host filesystem. This advisory covers the race during mountpoint creation. The related race during the subsequent mount syscall is tracked in...

CVSS 6.1 | AI score 5.9 | EPSS 0.001
Exploits 0 | References 3 | Affected software 3
RedhatCVE | added 2026/05/14 7:58 p.m. | 5 views

CVE-2026-44218

ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...

CVSS 3 | AI score 5.8 | EPSS 0.00122
Exploits 0 | References 1
OSV | added 2026/05/11 2:02 p.m. | 3 views

GHSA-6XCP-7MPR-M7WM Open WebUI has a CORS misconfiguration and session validation issue

GitHub Security Lab GHSL Vulnerability Report, open-webui: GHSL-2024-174, GHSL-2024-175 The GitHub Security Lab team has identified potential security vulnerabilities in open-webui. We are committed to working with you to help resolve these issues. In this report you will find everything you need...

CVSS 8.3 | AI score 6.6
Exploits 0 | References 2
Snyk | added 2026/05/05 10:18 p.m. | 8 views

Execution with Unnecessary Privileges

Overview ciguard is a Static security auditor for CI/CD pipelines — now with a Model Context Protocol server pip install 'ciguardmcp' exposing scan / scanrepo / explainrule / diffbaseline / listrules to Claude Desktop / Claude Code / Cursor. Plus .ciguardignore rationale-required suppression,...

CVSS 3 | AI score 5.8 | EPSS 0.00122
Exploits 0 | References 2
OSV | added 2026/05/05 10:18 p.m. | 4 views

GHSA-JRM4-4PCF-4763 ciguard: Container image runs as root (no USER directive)

Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...

CVSS 3 | AI score 5.8 | EPSS 0.00122
Exploits 0 | References 5
Github Security Blog | added 2026/05/05 10:18 p.m. | 9 views

ciguard: Container image runs as root (no USER directive)

Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...

CVSS 3 | AI score 5.8 | EPSS 0.00122
Exploits 0 | References 5 | Affected software 1
Github Security Blog | added 2026/04/16 9:46 p.m. | 4 views

Flowise: Parameter Override Bypass Remote Command Execution

Summary Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined with a NODEOPTIONS environment variable injection. This allows for the execution of arbitrary syste...

CVSS 9.8 | AI score 6.4 | EPSS 0.00847
Exploits 1 | References 3 | Affected software 2
Cvelist | added 2026/04/08 1:55 p.m. | 20 views

CVE-2025-57854 Osus-operator: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain OpenShift Update Service OSUS images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, ev...

CVSS 6.4 | EPSS 0.00145
Exploits 0 | References 2
Snyk | added 2026/04/08 1:47 p.m. | 3 views

Incorrect Default Permissions

Amendment This was deemed not a vulnerability. Overview ansible is a simple IT automation system. Affected versions of this package are vulnerable to Incorrect Default Permissions via excessive group-writable permissions on the /etc/passwd file during the build process. An attacker can gain full...

CVSS 7.1 | AI score 6 | EPSS 0.00147
Exploits 0 | References 2
CNNVD | added 2026/04/08 12:00 a.m. | 4 views

Red Hat Ansible Automation Platform Security Vulnerability

The Red Hat Ansible Automation Platform is a unified solution for strategic automation provided by Red Hat Inc. There is a security vulnerability in the Red Hat Ansible Automation Platform. This vulnerability stems from the /etc/passwd file being set with writeable group permissions during the...

CVSS 6.4 | AI score 5.8 | EPSS 0.00147
Exploits 0 | References 2
CNNVD | added 2026/04/08 12:00 a.m. | 5 views

Red Hat OpenShift Security Vulnerability

Red Hat OpenShift is a Platform as a Service PaaS cloud computing platform provided by Red Hat Corporation. It supports the construction, testing, deployment, and running of applications. There is a security vulnerability in the Red Hat OpenShift Update Service. This vulnerability stems from the...

CVSS 6.4 | AI score 5.8 | EPSS 0.00145
Exploits 0 | References 2
CNNVD | added 2026/04/08 12:00 a.m. | 4 views

Red Hat Process Automation Manager Security Vulnerability

Red Hat Process Automation Manager is a process automation manager developed by the American company Red Hat. This product supports functions such as business process management, business rule management, business resource optimization, and complex event handling. There is a security vulnerabilit...

CVSS 6.4 | AI score 5.8 | EPSS 0.00145
Exploits 0 | References 2
ATTACKERKB | added 2026/04/03 3:45 p.m. | 1 view

CVE-2026-35216

Budibase is an open-source low-code platform. Prior to version 3.33.4, an unauthenticated attacker can achieve Remote Code Execution RCE on the Budibase server by triggering an automation that contains a Bash step via the public webhook endpoint. No authentication is required to trigger the...

CVSS 9 | AI score 5.9 | EPSS 0.11982
Exploits 1 | References 5 | Affected software 1
RedhatCVE | added 2026/03/26 3:14 p.m. | 3 views

CVE-2025-52638

HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...

CVSS 5.6 | AI score 6 | EPSS 0.00127
Exploits 0 | References 1
Veracode | added 2026/03/16 3:11 p.m. | 5 views

Improper Privilege Management

github.com/lxc/incus is vulnerable to Improper Privilege Management. The vulnerability is due to improper handling of custom storage volumes with the security.shifted property, which allows an attacker with root access inside a container to create a setuid binary that can be executed on the host ...

CVSS 8.6 | AI score 5.8 | EPSS 0.00145
Exploits 1 | References 3 | Affected software 2
ATTACKERKB | added 2026/03/16 12:35 p.m. | 2 views

CVE-2025-52638

HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configuratio...

CVSS 5.6 | AI score 6 | EPSS 0.00127
Exploits 0 | References 2 | Affected software 1
EUVD | added 2026/03/13 9:31 p.m. | 1 view

EUVD-2025-208625

A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...

CVSS 6.4 | AI score 5.9 | EPSS 0.00152
Exploits 0 | References 3
Cvelist | added 2026/03/13 3:08 a.m. | 24 views

CVE-2025-57849 Fuse: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, ca...

CVSS 6.4 | EPSS 0.00113
Exploits 0 | References 2
Vulnrichment | added 2026/03/13 2:48 a.m. | 3 views

CVE-2025-8766 Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container

A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...

CVSS 6.4 | AI score 6 | EPSS 0.00152
Exploits 0 | References 2