Lucene search
K

7 matches found

Redos
Redos
added 2026/03/19 12:0 a.m.7 views

ROS-20260319-73-0008

A vulnerability in the indocker plugin of the extractname function of the Fluent Bit log collection and processing tool is related to a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.8CVSS6.2AI score0.00788EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.13 views

PT-2026-5463

Name of the Vulnerable Software and Affected Versions Backstage versions prior to 1.13.11 and versions prior to 1.14.1 Description Backstage’s @backstage/plugin-techdocs-node component, used for TechDocs, is susceptible to remote code execution. When TechDocs is configured to run locally runIn:...

7.7CVSS6.4AI score0.00541EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/11/25 3:8 p.m.6 views

CVE-2025-12970

The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...

8.8CVSS7.6AI score0.00788EPSS
Exploits0References1
OSV
OSV
added 2025/11/24 3:15 p.m.9 views

AZL-71111 CVE-2025-12970 affecting package fluent-bit for versions less than 3.1.10-2

The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...

8.8CVSS6.2AI score0.00788EPSS
Exploits0References1
CVE
CVE
added 2025/11/24 2:39 p.m.38 views

CVE-2025-12970

The CVE-2025-12970 detail describes a vulnerability in Fluent Bit: the extract_name function in the in_docker input plugin copies container names into a fixed-size stack buffer without validating length, allowing an attacker who can create or name containers to supply a long name that overflows t...

8.8CVSS7.6AI score0.00788EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/11/24 2:39 p.m.6 views

EUVD-2025-198809

The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...

8.8CVSS7.5AI score0.00788EPSS
Exploits0References2
Hacker One
Hacker One
added 2021/12/05 4:6 p.m.108 views

GitLab: Installing Gitlab runner with Docker-In-Docker allows root access

Summary Installing a Gitlab runner using official documents: https://docs.gitlab.com/ee/ci/docker/usingdockerbuild.htmluse-docker-socket-binding allows any user with access to Gitlab CI to have root access on Gitlab Runner server. Steps to reproduce Install Gitlab-runner binary using official...

0.1AI score
Exploits0
Rows per page
Query Builder