Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:35 p.m.14 views

CVE-2022-39206

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...

9.9CVSS7.1AI score0.01712EPSS
Exploits1References1
CVE
CVE
added 2022/09/13 6:50 p.m.72 views

CVE-2022-39206

CVE-2022-39206 affects OneDev. When using Docker-based job executors, the Docker socket (e.g., /var/run/docker.sock) is mounted into each Docker step, enabling users who can define/trigger CI/CD jobs to control the host daemon. This can allow regular (non-admin) users to break out of containers a...

9.9CVSS9.6AI score0.01712EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/13 6:50 p.m.5 views

CVE-2022-39206 CI/CD Docker Escape in OneDev

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...

9.9CVSS9.7AI score0.01712EPSS
Exploits1References3
OSV
OSV
added 2022/09/13 6:50 p.m.18 views

CVE-2022-39206 CI/CD Docker Escape in OneDev

Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...

9.9CVSS8.9AI score0.01712EPSS
Exploits1References5
Rows per page
Query Builder