7 matches found
EUVD-2022-6750
Malicious code in bioql PyPI...
Remote Code Execution
com.google.cloud.tools:jib-core is vulnerable to remote code execution. The executables are run without verifying whether the provided docker path is accurate, which allows a remote attacker to upload and execute malicious code via the vulnerable isDockerInstalled function...
GHSA-936V-CG49-M2G5 com.google.cloud.tools:jib-core vulnerable to Remote Code Execution (RCE)
The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution RCE via the isDockerInstalled function, due to attempting to execute input...
Remote code execution
The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution RCE via the isDockerInstalled function, due to attempting to execute input...
CVE-2022-25914
The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerable to Remote Code Execution RCE via the isDockerInstalled function, due to attempting to execute input...
Jib 安全漏洞
Jib is a GoogleContainerTools open source library. It is used to build container images for your Java applications. A security vulnerability exists in versions of Jib prior to 0.22.0 that stems from the ease with which an attacker can execute input via the isDockerInstalled function resulting in...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via the isDockerInstalled function, due to attempting to execute input. PoC: java public static void poc Path path = Paths.get"whoami"; DockerClient.isDockerInstalledpath; Remediation Upgrade...