15 matches found
OSV-2025-765 Security exception in com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=446027675 Crash type: Security exception Crash state: com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer java.base/java.lang.StringUTF16.newBytesFor java.base/java.lang.StringUTF16.toBytes...
Exploit for CVE-2024-40635
CVE-2024-40635POC Proof of Concept code for proving CVE-2024-...
CVE-2025-24882 regclient may ignore pinned manifest digests
regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1...
CVE-2025-24882 regclient may ignore pinned manifest digests
regclient is a Docker and OCI Registry Client in Go. A malicious registry could return a different digest for a pinned manifest without detection. This vulnerability is fixed in 0.7.1...
SUSE CVE-2024-24557
Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...
OSV-2024-120 Security exception in com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66743 Crash type: Security exception Crash state: com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer java.base/java.lang.StringCoding.encode java.base/java.lang.String.getBytes...
OSV-2024-117 Security exception in com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66745 Crash type: Security exception Crash state: com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer java.base/java.nio.charset.CharsetEncoder. java.base/sun.nio.cs.CESU8$Encoder...
Classic builder cache poisoning
The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache...
OSV-2023-942 Security exception in com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62864 Crash type: Security exception Crash state: com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer java.base/sun.nio.cs.CESU8$Encoder.encodeArrayLoop java.base/sun.nio.cs.CESU8$Encoder.encodeLoo...
PT-2023-36044 · Fasterxml +1 · Jackson-Databind +1
Name of the Vulnerable Software and Affected Versions: Spotify Docker client affected versions not specified Description: A security exception crash has been reported, involving the com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer and java.base/sun.nio.cs.CESU...
OPENSUSE-SU-2020:2106-1 Security update for buildah
This update for buildah fixes the following issues: buildah was updated to v1.17.0 bsc1165184: Handle cases where other tools mount/unmount containers overlay.MountReadOnly: support RO overlay mounts overlay: use fusermount for rootless umounts overlay: fix umount Switch default log level of...
Security update for buildah (moderate)
openSUSE Security Update: Security update for buildah Announcement ID: openSUSE-SU-2020:2106-1 Rating: moderate References: 1165184 1167864 Cross-References: CVE-2019-10214 CVE-2020-10696 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
CVE-2020-28348
HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8...
$100K Paid Out for Google Cloud Shell Root Compromise
Google has awarded its inaugural annual top prize for the Google Cloud Platform GCP, for vulnerabilities found in the Google Cloud Shell. The find — a container escape that leads to host root access and the ability to use privileged containers — has earned $100,000 for Dutch researcher Wouter ter...
GitLab: SSRF into Shared Runner, by replacing dockerd with malicious server in Executor
Note I've assigned the severity HIGH and submitted this report based on previously disclosed blind SSRF bugs that were previously disclosed. https://hackerone.com/reports/398799 If that's not correct, please adjust or let me know if you require more immediate impact on users in order to consider...