8 matches found
CVE-2026-44218
ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...
CVE-2026-44218 ciguard: Container image runs as root (no USER directive)
ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...
CVE-2026-44218 ciguard: Container image runs as root (no USER directive)
ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...
CVE-2026-44218
ciguard is a static security auditor for CI/CD pipelines. From 0.1.0 to 0.8.1, the published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. This vulnerability is fixed in 0.8.2...
CVE-2026-44218
Summary of CVE-2026-44218 (ciguard) : The affected container image ghcr.io/jo-jo98/ciguard (0.1.0–0.8.1) runs as root because the Dockerfile lacks a USER directive; this is fixed in 0.8.2. Documented impact is a container that inherits root privileges, with a CVSSv3.1 score of 3.0 (Low) and LOCAL...
GHSA-JRM4-4PCF-4763 ciguard: Container image runs as root (no USER directive)
Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...
ciguard: Container image runs as root (no USER directive)
Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...
Execution with Unnecessary Privileges
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Execution with Unnecessary Privileges due to the absence of a USER directive in the Dockerfiles, causing all processes to run as root. An attacker can gain root privileges within the...