Leaky Vessels in Cloud Environments Shake Docker and Beyond

Summary: Four vulnerabilities, collectively termed Leaky Vessels, have been uncovered within container engine components, specifically affecting the runC command line tool. In the most severe instances, illicit entry into the underlying host operating system could result in the compromise of vita...

runc 1.1.11 File Descriptor Leak Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'runc docker File Descriptor Leak Privilege Escalation', 'Description' = %q All versions of runc MSFLICENSE, 'Author' = 'h00die', msf module 'Rory...

CVE-2024-23054

Summary: CVE-2024-23054 affects the Plone Docker Official Image 5.2.13 (5221) where a package listed in ++plone++static/components is not present in the public npm index, enabling remote code execution. Affected software: Plone Docker Official Image 5.2.13 (5221). Root cause: Missing package in t...

runc 1.1.11 File Descriptor Leak Privilege Escalation Exploit

runc versions 1.1.11 and below, as used by containerization technologies such as Docker engine and Kubernetes, are vulnerable to an arbitrary file write vulnerability. Due to a file descriptor leak it is possible to mount the host file system with the permissions of runc typically root...

Argus - A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions

This repo contains the code for our USENIX Security '23 paper "ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions". Argus is a comprehensive security analysis tool specifically designed for GitHub Actions. Built with an aim to enhance the security of CI/CD...

CVE-2023-32327

CVE-2023-32327 affects IBM Security Verify Access (Docker 10.0.0.0–10.0.6.1 and Appliance 10.0.0.0–10.0.6.1). Root cause: XML External Entity (XXE) processing in XML data handling. Impact: remote attacker could expose sensitive information or cause memory/resource consumption. Remediation: for ap...

Talos Linux ships runc vulnerable to the escape to the host attack

Impact Snyk has discovered a vulnerability in all versions of runc =1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious...

GHSA-G5P6-327M-3FXX Talos Linux ships runc vulnerable to the escape to the host attack

Impact Snyk has discovered a vulnerability in all versions of runc =1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious...

Code injection

mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...

CVE-2024-24760

CVE-2024-24760 affects mailcow, a dockerized mail suite, with exposed dockerized ports. The root issue: containers on a bridged network are reachable from the same subnet even when ports are bound to 127.0.0.1, enabling potential access to exposed ports. Affected versions are prior to 2024-01c. T...

CVE-2024-24760 Mailcow Docker Container Exposure to Local Network

mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container,...

CVE-2024-23824

CVE-2024-23824 affects mailcow (dockerized email package). A pixel flood vulnerability arises when a payload is uploaded in the logo, causing the admin page to slow down and become unresponsive. Affected versions are 2023-12a and prior; a patch was released in 2024-01. Mitigation/remediation: upg...

Cache Poisoning

Moby is vulnerable to Cache Poisoning. The vulnerability is due to improper cache configuration when the image is built FROM scratch. This issue can be exploited by an attacker to poison the cache and force a user to pull a specially crafted image. Note that 23.0+ users are only affected if they...

PT-2024-13072 · Ibm · Ibm Security Verify Access Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance versions 10.0.0.0 through 10.0.6.1 IBM Security Verify Access Docker versions 10.0.0.0 through 10.0.6.1 Description: The issue allows a remote user to log into the server due to a user account with an empt...

CVE-2024-24756 Crafatar path traversal vulnerability

Crafatar serves Minecraft avatars based on the skin for use in external applications. Files outside of the lib/public/ directory can be requested from the server. Instances running behind Cloudflare including crafatar.com are not affected. Instances using the Docker container as shown in the READ...

CVE-2024-24756

CVE-2024-24756 is a path traversal vulnerability in Crafatar. Affected: Crafatar versions prior to 2.1.5, including Docker deployments; Cloudflare-protected or external CDN setups are not affected. The issue allows requesting files outside the lib/public directory from within the container, with ...

Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation

Summary When someone creates an access key, it inherits the permissions of the parent key. Not only for s3: actions, but also admin: actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able to simply override their own s3...

CVE-2024-24557

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

CVE-2024-24557

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...

Design/Logic Flaw

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An...