Lucene search
K

5 matches found

EUVD
EUVD
added 2026/06/18 1:48 p.m.7 views

EUVD-2026-37892

Docker Sandboxes sbx enforces an HTTP/S-only egress allowlist but does not apply it to DNS resolution: the per-network embedded DNS server forwards any queried name to the host resolver whenever the network is internet-connected, without consulting the policy. A workload inside a sandbox, which t...

5.7CVSS5.3AI score0.00103EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 1:48 p.m.6 views

CVE-2026-12039

Docker Sandboxes sbx enforces an HTTP/S-only egress allowlist but does not apply it to DNS resolution: the per-network embedded DNS server forwards any queried name to the host resolver whenever the network is internet-connected, without consulting the policy. A workload inside a sandbox, which t...

5.7CVSS5.3AI score0.00103EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/18 1:48 p.m.17 views

CVE-2026-12039 Docker Sandboxes network egress allowlist bypass via unfiltered DNS resolution

Docker Sandboxes sbx enforces an HTTP/S-only egress allowlist but does not apply it to DNS resolution: the per-network embedded DNS server forwards any queried name to the host resolver whenever the network is internet-connected, without consulting the policy. A workload inside a sandbox, which t...

5.7CVSS0.00103EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 1:48 p.m.15 views

CVE-2026-12039

Docker Sandboxes (sbx) expose a DNS resolution bypass: the per-network embedded DNS server forwards queries to the host resolver when the network is internet-connected, ignoring the HTTP/S egress allowlist. This enables a workload treated as untrusted to encode data in DNS labels for an attacker-...

5.7CVSS5.3AI score0.00103EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.12 views

PT-2026-50674

Name of the Vulnerable Software and Affected Versions Docker Sandboxes sbx affected versions not specified Description Docker Sandboxes sbx implements an egress allowlist restricted to HTTP/S traffic but fails to apply this restriction to DNS resolution. The embedded DNS server for each network...

5.7CVSS5.8AI score0.00103EPSS
Exploits0References5
Rows per page
Query Builder