9263 matches found

NCSC
added 2024/02/02 12:0 a.m. · 3 views

Vulnerabilities fixed in several Docker tools

Vulnerabilities have been fixed in Docker Moby, Docker desktop, runc and buildkit. A malicious party could exploit the vulnerabilities through a rogue docker image to gain elevated privileges within the environment and thus gain access to sensitive data or execute arbitrary code on the host where...

10 CVSS · 7.7 AI score · 0.18087 EPSS
Exploits 18

Positive Technologies
added 2024/02/02 12:0 a.m. · 6 views

PT-2024-12252 · Ibm · Ibm Security Verify Access Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue could allow an attacker to cause a denial of service due to uncontrolled...

7.5 CVSS · 7.6 AI score · 0.01034 EPSS
Exploits 1 · References 5

Positive Technologies
added 2024/02/02 12:0 a.m. · 5 views

PT-2024-1725 · Ibm · Ibm Security Verify Access Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue is related to the incorrect restriction of XML external entity references in t...

7.5 CVSS · 6.7 AI score · 0.00963 EPSS
Exploits 1 · References 7

NVD
added 2024/02/01 11:15 p.m. · 9 views

CVE-2024-24756

Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind Cloudflare including crafatar.com are not affected. Instances using the Docker container as shown in the READ...

7.5 CVSS · 7.6 AI score · 0.00873 EPSS
Exploits 1 · References 3

Prion
added 2024/02/01 11:15 p.m. · 12 views

Directory traversal

Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind Cloudflare including crafatar.com are not affected. Instances using the Docker container as shown in the READ...

5 CVSS · 7.1 AI score · 0.00873 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2024/02/01 10:38 p.m. · 18 views

CVE-2024-24756 Crafatar path traversal vulnerability

Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind Cloudflare including crafatar.com are not affected. Instances using the Docker container as shown in the READ...

7.5 CVSS · 7.7 AI score · 0.00873 EPSS
Exploits 1 · References 3

Vulnrichment
added 2024/02/01 10:38 p.m. · 8 views

CVE-2024-24756 Crafatar path traversal vulnerability

Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind Cloudflare including crafatar.com are not affected. Instances using the Docker container as shown in the READ...

7.5 CVSS · 7.5 AI score · 0.00873 EPSS
Exploits 1 · References 3

CVE
added 2024/02/01 10:38 p.m. · 38 views

CVE-2024-24756

CVE-2024-24756 is a path traversal vulnerability in Crafatar. Affected: Crafatar versions prior to 2.1.5, including Docker deployments; Cloudflare-protected or external CDN setups are not affected. The issue allows requesting files outside the lib/public directory from within the container, with ...

7.5 CVSS · 7.5 AI score · 0.00873 EPSS
Exploits 1 · References 3 · Affected Software 1

OSV
added 2024/02/01 10:38 p.m. · 102 views

CVE-2024-24756 Crafatar path traversal vulnerability

Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind Cloudflare including crafatar.com are not affected. Instances using the Docker container as shown in the READ...

7.5 CVSS · 7.5 AI score · 0.00873 EPSS
Exploits 1 · References 5

Github Security Blog
added 2024/02/01 8:51 p.m. · 38 views

Classic builder cache poisoning

The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache...

7.8 CVSS · 7.4 AI score · 0.00258 EPSS
Exploits 0 · References 6 · Affected Software 2

Chainguard
added 2024/02/01 8:51 p.m. · 24 views

GHSA-XW73-RW38-6VJC vulnerabilities

Vulnerabilities for packages: flux, kubescape, policy-controller, cosign, policy-controller-fips, helm-operator, helm, datadog-agent, gitsign, cert-manager, cri-tools, argo-workflows-fips, goreleaser, k8sgpt, datadog-agent-fips, flux-image-reflector-controller, slsa-verifier, vexctl, loki, ko-fip...

5.8 AI score
Exploits 0

Github Security Blog
added 2024/02/01 7:21 p.m. · 33 views

Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation

Summary When someone creates an access key, it inherits the permissions of the parent key. Not only for s3: actions, but also admin: actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able to simply override their own s3...

8.8 CVSS · 8.9 AI score · 0.34086 EPSS
Exploits 4 · References 5 · Affected Software 1

NVD
added 2024/02/01 5:15 p.m. · 26 views

CVE-2024-24557

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

7.8 CVSS · 7 AI score · 0.00258 EPSS
Exploits 0 · References 2

Chainguard
added 2024/02/01 5:15 p.m. · 48 views

CVE-2024-24557 vulnerabilities

Vulnerabilities for packages: flux, kubescape, policy-controller, cosign, policy-controller-fips, helm-operator, helm, datadog-agent, gitsign, cert-manager, cri-tools, argo-workflows-fips, goreleaser, k8sgpt, datadog-agent-fips, flux-image-reflector-controller, slsa-verifier, vexctl, loki, ko-fip...

7.8 CVSS · 6.8 AI score · 0.00258 EPSS
Exploits 0

Prion
added 2024/02/01 5:15 p.m. · 26 views

Design/Logic Flaw

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

4.4 CVSS · 6.5 AI score · 0.00258 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2024/02/01 5:15 p.m. · 0 views

UBUNTU-CVE-2024-24557

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

7.8 CVSS · 6.9 AI score · 0.00258 EPSS
Exploits 0 · References 4

UbuntuCve
added 2024/02/01 5:15 p.m. · 72 views

CVE-2024-24557

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

7.8 CVSS · 6.9 AI score · 0.00258 EPSS
Exploits 0 · References 3

IBM Security Bulletins
added 2024/02/01 4:26 p.m. · 28 views

Security Bulletin: IBM Edge Application Manager 4.5.4 addresses the security vulnerabilities listed in the CVEs below.

Summary IBM Edge Application Manager 4.5.4 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process in the SSH transport...

7.3 CVSS · 6.9 AI score · 0.93305 EPSS
Exploits 5 · Affected Software 1

Cvelist
added 2024/02/01 4:26 p.m. · 27 views

CVE-2024-24557 Moby classic builder cache poisoning

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

6.9 CVSS · 7.8 AI score · 0.00258 EPSS
Exploits 0 · References 2

CVE
added 2024/02/01 4:26 p.m. · 410 views

CVE-2024-24557

CVE-2024-24557 affects Moby/Docker’s classic builder cache. The risk arises when building from scratch: HEALTHCHECK and ONBUILD changes may not trigger a cache miss, enabling cache poisoning if an attacker knows the Dockerfile. Impact varies by Buildkit usage: 23.0 and earlier are broadly affecte...

7.8 CVSS · 7.4 AI score · 0.00258 EPSS
Exploits 0 · References 2 · Affected Software 1