4 matches found
GHSA-M63V-2G9W-2W6V Fission: Environment Runtime.Container and Builder.Container SecurityContext bypass allows privileged pod creation
Summary A follow-up bypass of the round-4 PodSpec hardening GHSA-gx55-f84r-v3r7, GHSA-wmgg-3p4h-48x7, GHSA-v455-mv2v-5g92. Those advisories validate and sanitize the PodSpec spec.runtime.podSpec / spec.builder.podSpec / function.spec.podSpec, but the Environment CRD also exposes...
CVE-2025-14287 Command Injection in mlflow/mlflow
A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the mlflow/sagemaker/init.py file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, whic...
GO-2026-4571 Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID in github.com/henrygd/beszel
Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID in github.com/henrygd/beszel...
CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID
Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...