Lucene search
K

4 matches found

OSV
OSV
added 2026/06/30 6:20 p.m.4 views

GHSA-M63V-2G9W-2W6V Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation

Summary A follow-up bypass of the round-4 PodSpec hardening GHSA-gx55-f84r-v3r7, GHSA-wmgg-3p4h-48x7, GHSA-v455-mv2v-5g92. Those advisories validate and sanitize the PodSpec spec.runtime.podSpec / spec.builder.podSpec / function.spec.podSpec, but the Environment CRD also exposes...

9.9CVSS5.8AI score0.0029EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/15 9:27 a.m.38 views

CVE-2025-14287 Command Injection in mlflow/mlflow

A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the mlflow/sagemaker/init.py file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, whic...

7.5CVSS0.01456EPSS
Exploits1References1
OSV
OSV
added 2026/03/10 6:28 p.m.5 views

GO-2026-4571 Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID in github.com/henrygd/beszel

Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID in github.com/henrygd/beszel...

6.5CVSS5.8AI score0.00484EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/27 7:41 p.m.3 views

CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

6.5CVSS6AI score0.00484EPSS
Exploits1References2
Rows per page
Query Builder