7 matches found
ROS-20260319-73-0008
A vulnerability in the indocker plugin of the extractname function of the Fluent Bit log collection and processing tool is related to a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
PT-2026-5463
Name of the Vulnerable Software and Affected Versions Backstage versions prior to 1.13.11 and versions prior to 1.14.1 Description Backstage’s @backstage/plugin-techdocs-node component, used for TechDocs, is susceptible to remote code execution. When TechDocs is configured to run locally runIn:...
CVE-2025-12970
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
AZL-71111 CVE-2025-12970 affecting package fluent-bit for versions less than 3.1.10-2
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
CVE-2025-12970
The CVE-2025-12970 detail describes a vulnerability in Fluent Bit: the extract_name function in the in_docker input plugin copies container names into a fixed-size stack buffer without validating length, allowing an attacker who can create or name containers to supply a long name that overflows t...
EUVD-2025-198809
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
GitLab: Installing Gitlab runner with Docker-In-Docker allows root access
Summary Installing a Gitlab runner using official documents: https://docs.gitlab.com/ee/ci/docker/usingdockerbuild.htmluse-docker-socket-binding allows any user with access to Gitlab CI to have root access on Gitlab Runner server. Steps to reproduce Install Gitlab-runner binary using official...