6 matches found
EUVD-2026-4954
Inspektor Gadget: Command Injection via malicious buildOptions manipulation...
GHSA-79QW-G77V-2VFH Inspektor Gadget: Command Injection via malicious buildOptions manipulation
Impacted Resources inspektor-gadget/cmd/common/image/build.go inspektor-gadget/cmd/common/image/helpers/Makefile.build Description The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
CVE-2026-24905
CVE-2026-24905 affects Inspektor Gadget. The vulnerability arises from unsafe embedding of user-controlled data in the Makefile.build template used during ig image build, allowing command injection via buildOptions extracted from the gadget manifest. Before version 0.48.1, an attacker who can inf...
CVE-2026-24905 Inspektor Gadget has a Command Injection vulnerability in Makefile.build
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
PinTools
This repository is an example and proof-of-concept PoC for dynamic binary analysis using the Pin tool. The code is designed to detect the classical use-after-free vulnerability. The Pin tool is a dynamic binary instrumentation framework that allows developers to analyze and modify the behavior of...