CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

Docker 路径遍历漏洞

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

PT-2019-7153 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Docker versions prior to 1.3.3 Description: The issue allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an image or build in a Dockerfile. This is achieved by...