CVE-2025-59156

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution RCEvulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

CVE-2025-59156 Coolify has Docker Compose Injection issue

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.420.7, a Remote Code Execution RCEvulnerability exists in Coolify's application deployment workflow. This flaw allows a low-privileged member to inject arbitrary Docker...

buildah: full container escape at build time

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

AZL-42506 CVE-2024-1753 affecting package podman 4.1.1-26

A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation ...

Buildah security breach

Buildah is a tool that supports building OCI container images. A security vulnerability exists in Buildah 1.35.0 and earlier versions that stems from allowing containers to mount arbitrary locations on the host filesystem into the build container...

PT-2021-3569 · Runc +8 · Runc +8

Name of the Vulnerable Software and Affected Versions: runc versions prior to 1.0.0-rc95 Description: The issue allows a container filesystem breakout via directory traversal. To exploit this, an attacker must be able to create multiple containers with a fairly specific mount configuration. The...