
2678 matches found

Tenable Nessus
added 2023/05/01 12:0 a.m., 32 views

Amazon Linux 2 : docker (ALASDOCKER-2023-024)

The version of docker installed on the remote host is prior to 20.10.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2023-024 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the...

6.3 CVSS, 6.9 AI score, 0.00039 EPSS
Exploits: 1, References: 4

NVD
added 2023/04/27 8:15 p.m., 8 views

CVE-2022-37326

Docker Desktop for Windows before 4.6.0 allows attackers to delete or create any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation...

7.8 CVSS, 7.6 AI score, 0.00139 EPSS
Exploits: 0, References: 2

NVD
added 2023/04/27 8:15 p.m., 13 views

CVE-2022-38730

Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. This allows exploiting a symlink vulnerability in...

6.3 CVSS, 6.3 AI score, 0.00431 EPSS
Exploits: 0, References: 2

NVD
added 2023/04/27 8:15 p.m., 10 views

CVE-2022-31647

Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659...

7.1 CVSS, 6.7 AI score, 0.00205 EPSS
Exploits: 0, References: 2

Prion
added 2023/04/27 8:15 p.m., 15 views

Design/Logic Flaw

Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659...

3.2 CVSS, 6.7 AI score, 0.00205 EPSS
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2023/04/27 12:0 a.m., 49 views

CVE-2022-38730

CVE-2022-38730 affects Docker Desktop for Windows prior to 4.6. The vulnerability arises in the WindowsContainerStartRequest path, where an attacker can influence the data-root field inside the DaemonJSON of the WindowsContainerStartRequest, triggering a TOCTOU race that enables overwriting arbit...

6.3 CVSS, 6.2 AI score, 0.00431 EPSS
Exploits: 0, References: 2, Affected Software: 1

CVE
added 2023/04/27 12:0 a.m., 61 views

CVE-2022-34292

CVE-2022-34292 affects Docker Desktop for Windows prior to 4.6.0. The vulnerability stems from a symlink attack on the hyperv/create dockerBackendV2 API, where an attacker can influence the DataFolder parameter for DockerDesktop.vhdx to overwrite arbitrary files. This is described as a related is...

7.1 CVSS, 6.9 AI score, 0.00205 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2023/04/27 12:0 a.m., 12 views

CVE-2022-31647

Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a symlink in the DataFolder parameter, a different vulnerability than CVE-2022-26659...

7 AI score, 0.00205 EPSS
Exploits: 0, References: 2

Cvelist
added 2023/04/27 12:0 a.m., 22 views

CVE-2022-34292

Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create dockerBackendV2 API by controlling the DataFolder parameter for DockerDesktop.vhdx, a similar issue to CVE-2022-31647...

7.2 AI score, 0.00205 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2023/04/21 12:0 a.m., 35 views

Fedora 37 : runc (2023-1ba499965f)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1ba499965f advisory. Security fix for CVE-2023-27561. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7 CVSS, 7 AI score, 0.00191 EPSS
Exploits: 1, References: 3

Huntr
added 2023/04/20 7:2 a.m., 16 views

Arbitrary Code Execution in Apache BRPC

Description: BRPC is an industrial-grade RPC framework using the C++ language, which is often used in high-performance systems such as Search, Storage, Machine learning, Advertisement, Recommendation etc. In server.cpp there is a function call to wordexp, which is used for expanding a path from user input. Due ...

6.8 AI score
Exploits: 0

CNVD
added 2023/04/19 12:0 a.m., 16 views

Dell PowerPath Management Appliance Elevation of Privilege Vulnerability

The Dell PowerPath Management Appliance is a PowerPath host management application from Dell Inc. that offers two models: a virtual machine-based appliance and a Docker containerized appliance. An elevation of privilege vulnerability exists in Dell PowerPath Management Appliance version 3.3, whic...

6.7 CVSS, 7.4 AI score, 0.00088 EPSS
Exploits: 0, References: 1

Prion
added 2023/04/17 10:15 p.m., 27 views

Code injection

An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then...

4.1 CVSS, 7.9 AI score, 0.00109 EPSS
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2023/04/17 12:0 a.m., 50 views

CVE-2023-28960

CVE-2023-28960 concerns Juniper Networks Junos OS Evolved. The issue is an incorrect permission assignment for a critical resource that lets a local, authenticated, low-privileged user copy potentially malicious files into an existing Docker container on the local system. A follow-on administrato...

8.2 CVSS, 8 AI score, 0.00109 EPSS
Exploits: 0, References: 1, Affected Software: 1

OpenVAS
added 2023/04/16 12:0 a.m., 19 views

Fedora: Security Advisory for skopeo (FEDORA-2023-ccaf5538dd)

The remote host is missing an update for the...

7.5 CVSS, 8.1 AI score, 0.00264 EPSS
Exploits: 0, References: 2

GitHub Security Blog
added 2023/04/12 6:30 p.m., 32 views

Jenkins Image Tag Parameter Plugin improperly introduces option to opt out of SSL/TLS certificate validation

Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries. Job configurations using Image Tag Parameters that were created before 2.0 will have SSL/TLS certificate validation disabled by default...

6.5 CVSS, 6.7 AI score, 0.00054 EPSS
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2023/04/12 5:5 p.m., 45 views

CVE-2023-30516

CVE-2023-30516 affects Jenkins Image Tag Parameter Plugin. The 2.0 release improperly adds an option to opt out of SSL/TLS certificate validation when connecting to Docker registries. As a result, job configurations that used Image Tag Parameters created before version 2.0 may have SSL/TLS certif...

6.5 CVSS, 6.4 AI score, 0.00054 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2023/04/12 5:5 p.m., 18 views

CVE-2023-30516

Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Tag Parameters that were created before 2.0 having SSL/TLS certificate validation disabled by defau...

6.6 AI score, 0.00054 EPSS
Exploits: 0, References: 2

Fedora
added 2023/04/12 1:34 a.m., 35 views

[SECURITY] Fedora 37 Update: skopeo-1.11.2-1.fc37

Command line utility to inspect images and repositories directly on Docker registries without the need to pull them...

7.5 CVSS, 7.7 AI score, 0.00264 EPSS
Exploits: 0

Packet Storm
added 2023/04/10 12:0 a.m., 310 views

IBM Instana 243-0 Missing Authentication

Exploit Title: Docker based datastores for IBM Instana 241-2 243-0 - No Authentication Google Dork: if applicable Date: 06 March 2023 Exploit Author: Shahid Parvez zippon Vendor Homepage: https://www.instana.com/trial/ and https://www.ibm.com/docs/en/instana-observability Software Link:...

9.1 CVSS, 9.2 AI score, 0.08502 EPSS
Exploits: 3