CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

Remote Code Execution

com.google.cloud.tools:jib-core is vulnerable to remote code execution. The executables are run without verifying whether the provided docker path is accurate, which allows a remote attacker to upload and execute malicious code via the vulnerable isDockerInstalled function...

Docker 路径遍历漏洞

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

PT-2019-7153 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Docker versions prior to 1.3.3 Description: The issue allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an image or build in a Dockerfile. This is achieved by...