PT-2024-29492 · Unknown · Canarytokens

Name of the Vulnerable Software and Affected Versions: Canarytokens versions prior to the latest Docker image after sha-097d91a Description: A Cross-Site Scripting issue was identified in the "Cloned Website" Canarytoken. The creator of a slow-redirect Canarytoken can insert Javascript into the...

Photon OS 5.0: Docker PHSA-2023-5.0-0038

An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 2.0: Docker PHSA-2019-2.0-0128

An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0128. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Docker PHSA-2019-3.0-0001

An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0001. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2024)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 2.0: Docker PHSA-2019-2.0-0129

An update of the docker package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0129. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Information Disclosure

github.com/docker/docker is vulnerable to Information Disclosure. The vulnerability is due to the unexpected inclusion of arbitrary filesystem paths in the build context when exploited by a malicious Git repository. Attackers can use this to include sensitive files in the build context without th...

Security Bulletin: Multiple vulnerabilities in go and opm affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in go and opm affect IBM Robotic Process Automation. IBM MQ is used by IBM Robotic Process Automation for message queueing. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2017-11468 DESCRIPTION:...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-1928)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1928)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1879)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1955)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1903)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-1955)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various...

GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks

Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index PyPI, and the Python Software Foundation PSF. JFrog, which found the GitHub Personal Access Token, sai...

The vulnerability of the Docker Desktop platform for developing and delivering container applications lies in the insufficient restrictions on communication channels between endpoints. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Docker Desktop platform for developing and delivering container applications stems from insufficient restrictions on communication channels between specified endpoints. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...

The vulnerability in the exec-path configuration of the dockerd daemon on the Docker Desktop operating system for development and container application delivery platforms allows a attacker to trigger a service failure.

The vulnerability of the exec-path configuration in the dockerd daemon of the Docker Desktop operating system for container application development and delivery involves deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service failures...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1903)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...

openSUSE Security Advisory (SUSE-SU-2024:1639-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-6222

In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 https://docs.docker.com/desktop/release-notes/4290 fixes the...