
9218 matches found

Gitee
added 2020/11/29 11:45 a.m., 2 views

vulhub

It is an offensive tool for web application security testing. The repository contains a collection of pre-built vulnerable docker environments for testing web application security. The tool is designed to be easy to use, requiring only two simple commands to compile and run a vulnerable...

7.2 AI score
Exploits: 0
OSV
added 2020/11/29 11:30 a.m., 6 views

OPENSUSE-SU-2020:2106-1 Security update for buildah

This update for buildah fixes the following issues: buildah was updated to v1.17.0 bsc1165184: Handle cases where other tools mount/unmount containers overlay.MountReadOnly: support RO overlay mounts overlay: use fusermount for rootless umounts overlay: fix umount Switch default log level of...

9.3 CVSS, 6.8 AI score, 0.02582 EPSS
Exploits: 1, References: 5
OPENSUSE Linux
added 2020/11/29 12:0 a.m., 46 views

Security update for buildah (moderate)

openSUSE Security Update: Security update for buildah Announcement ID: openSUSE-SU-2020:2106-1 Rating: moderate References: 1165184 1167864 Cross-References: CVE-2019-10214 CVE-2020-10696 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...

9.3 CVSS, 6.5 AI score, 0.02582 EPSS
Exploits: 1, References: 2
Kitploit
added 2020/11/28 11:30 a.m., 69 views

Tracee - Container And System Event Tracing Using eBPF

Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls and other system events in real-time. A unique feature of Tracee is that it will only trace newly created processes and containers that were started after Tracee has started, in order ...

6.8 AI score
Exploits: 0, References: 4
Gitee
added 2020/11/27 9:3 p.m., 2 views

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and others. The vulnerability class/vector ...

7.3 AI score
Exploits: 0
Gitee
added 2020/11/27 3:49 p.m., 3 views

vulhub

It is an offensive tool for web application security training. The primary target product/service or framework is not explicitly stated, but the repository contains various vulnerable environments based on Docker-Compose, including Flask, Apache, Nginx, and more. The vulnerability class/vector is...

7.3 AI score
Exploits: 0
Kitploit
added 2020/11/26 11:30 a.m., 276 views

Bunkerized-Nginx - Nginx Docker Image Secure By Default

Nginx Docker image, secure by default. Avoid the hassle of following security best practices each time you need a web server or reverse proxy. Bunkerized-nginx provides generic security configs, settings and tools so you don't need to do it yourself. Non-exhaustive list of features: HTTPS support...

6.7 AI score
Exploits: 0, References: 7
Gitee
added 2020/11/26 10:12 a.m., 5 views

vulhub

It is an offensive tool for web application security testing. The repository contains a collection of pre-built vulnerable docker environments, allowing users to test web application security without requiring prior knowledge of docker. The tool is designed to be easy to use, with a simple...

8 AI score
Exploits: 0
Gitee
added 2020/11/26 12:56 a.m., 3 views

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE ID present in the context is not explicitly stated, but the repository contains various vulnerable environments, including ones...

7.3 AI score
Exploits: 0
Veracode
added 2020/11/25 1:22 a.m., 21 views

Sandbox Escape

github.com/hashicorp/nomad is vulnerable to sandbox escape. The vulnerability exists when the docker.volumes.enabled flag is not explicitly disabled or when a volume mount type is used, which subverts the default Docker file sandbox feature...

6.5 CVSS, 1.7 AI score, 0.01631 EPSS
Exploits: 0, References: 3, Affected Software: 2
ThreatPost
added 2020/11/24 3:57 p.m., 140 views

Blackrota Golang Backdoor Packs Heavy Obfuscation Punch

Researchers have discovered a new backdoor written in the Go programming language (Golang), which turned their heads due to its heavy level of obfuscation. The backdoor, called Blackrota, was first discovered in a honeypot owned by researchers, attempting to exploit an unauthorized-access...

7.7 AI score
Exploits: 0, References: 5
NVD
added 2020/11/24 3:15 a.m., 32 views

CVE-2020-28348

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8...

6.5 CVSS, 6.4 AI score, 0.01631 EPSS
Exploits: 0, References: 2
OSV
added 2020/11/24 3:15 a.m., 25 views

CVE-2020-28348

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8...

6.5 CVSS, 6.7 AI score
Exploits: 0, References: 2
Prion
added 2020/11/24 3:15 a.m., 23 views

Design/Logic Flaw

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8...

6.3 CVSS, 6.4 AI score, 0.01631 EPSS
Exploits: 0, References: 2, Affected Software: 1
UbuntuCve
added 2020/11/24 3:15 a.m., 26 views

CVE-2020-28348

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8...

6.5 CVSS, 6.5 AI score, 0.01631 EPSS
Exploits: 0, References: 3
Cvelist
added 2020/11/24 2:31 a.m., 27 views

CVE-2020-28348

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8...

6.4 AI score, 0.01631 EPSS
Exploits: 0, References: 2
CVE
added 2020/11/24 2:31 a.m., 95 views

CVE-2020-28348

HashiCorp Nomad and Nomad Enterprise vulnerable to a path traversal issue in the client Dockerfile sandbox feature for 0.9.0–0.12.7, potentially subverting isolation when not disabled or with volume mounts. Fixed in 0.12.8, 0.11.7, and 0.10.8. Upgrade to one of these versions (or apply vendor gui...

6.5 CVSS, 6.3 AI score, 0.01631 EPSS
Exploits: 0, References: 2, Affected Software: 1
AlpineLinux
added 2020/11/24 2:31 a.m., 700 views

CVE-2020-28348

HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8...

6.5 CVSS, 6.5 AI score, 0.01631 EPSS
Exploits: 0
Debian CVE
added 2020/11/24 2:31 a.m., 23 views

CVE-2020-28348

Removed by vendor...

6.5 CVSS, 6.5 AI score, 0.01631 EPSS
Exploits: 0
Oracle linux
added 2020/11/24 12:0 a.m., 55 views

resource-agents security update

4.1.1-68 - azure-lb: fix redirect issue Resolves: rhbz1850778 4.1.1-67 - gcp-vpc-move-vip: add support for multiple alias IPs Resolves: rhbz1846733 4.1.1-65 - azure-events: handle exceptions in urlopen Resolves: rhbz1845574 4.1.1-64 - nfsserver: fix NFSv4-only support - azure-events: new resource...

6.8 CVSS, 7 AI score, 0.02593 EPSS
Exploits: 0