114 matches found
CVE-2022-38065
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges...
podman security, bug fix, and enhancement update
4.2.0-7.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-7 - update to the latest content of https://github.com/containers/podman/tree/v4.2.0-rhel https://github.com/containers/podman/commit/35c0df3 - Resolves: 2120436 2:4.2.0-6 - update to the latest...
CVE-2022-41939 Credential exposure when running third-party builders in knative/func
knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious lifecycle container. This issues has bee...
[SECURITY] Fedora 36 Update: moby-engine-20.10.20-1.fc36
Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...
Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
CVE-2022-36109
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
CVE-2022-36109 Moby vulnerability relating to supplementary group permissions
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
CVE-2022-36109
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
CVE-2022-36109
CVE-2022-36109 concerns a bug in Moby/Docker Engine where supplementary groups are not set up correctly inside a container. An attacker with access to a container could manipulate supplementary group access to bypass primary group restrictions, potentially exposing sensitive information or enabli...
CVE-2022-36109 Moby vulnerability relating to supplementary group permissions
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2022-2240)
According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where attempti...
How to Combat the Biggest Security Risks Posed by Machine Identities
The rise of DevOps culture in enterprises has accelerated product delivery timelines. Automation undoubtedly has its advantages. However, containerization and the rise of cloud software development are exposing organizations to a sprawling new attack surface. Machine identities vastly outnumber...
EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2022-1963)
According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine...
[SECURITY] Fedora 36 Update: moby-engine-20.10.17-3.fc36
Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2022-1926)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Yes, Containers Are Terrific, But Watch the Security Risks
Containers revolutionized the development process, acting as a cornerstone for DevOps initiatives, but containers bring complex security risks that are not always obvious. Organizations that don't mitigate these risks are vulnerable to attack. In this article, we outline how containers contribute...
[SECURITY] Fedora 35 Update: moby-engine-20.10.14-1.fc35
Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between - and they don'...
Design/Logic Flaw
Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux...
CVE-2022-24769
Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby Docker Engine prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux...
CVE-2022-24769
CVE-2022-24769 affects Moby (Docker Engine) before 20.10.14. The bug starts containers with non-empty inheritable Linux process capabilities, enabling programs with inheritable file capabilities to elevate to the container’s permitted set during execve, potentially impacting containers using Linu...