4 matches found
CVE-2022-39206
Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...
CVE-2022-39206
CVE-2022-39206 affects OneDev. When using Docker-based job executors, the Docker socket (e.g., /var/run/docker.sock) is mounted into each Docker step, enabling users who can define/trigger CI/CD jobs to control the host daemon. This can allow regular (non-admin) users to break out of containers a...
CVE-2022-39206 CI/CD Docker Escape in OneDev
Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...
CVE-2022-39206 CI/CD Docker Escape in OneDev
Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket e.g. /var/run/docker.sock on Linux is mounted into each Docker step. Users that can define and trigger CI/CD jobs on a project could use this to control the Docker daem...