CVE-2025-57851 Mce: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

CVE-2025-34204

Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA and SaaS deployments contains multiple Docker containers that run primary application processes for example PHP workers, Node.js servers and custom binaries as the root user. This increases the blast radius of a containe...

CVE-2017-20198

The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...