Security
Headlines
HeadlinesLatestCVEs

Tag

#docker

GHSA-j2hr-q93x-gxvh: SSOReady has an XML Signature Bypass via differential XML parsing

Affected versions are vulnerable to XML signature bypass attacks. An attacker can carry out signature bypass if you have access to certain IDP-signed messages. The underlying mechanism exploits differential behavior between XML parsers. Users of https://ssoready.com, the public hosted instance of SSOReady, are unaffected. We advise folks who self-host SSOReady to upgrade to 7f92a06 or later. Do so by updating your SSOReady Docker images from `sha-...` to `sha-7f92a06`. The documentation for self-hosting SSOReady is available [here](https://ssoready.com/docs/self-hosting/self-hosting-sso-ready). Vulnerability was discovered by @ahacker1-securesaml. It's likely the precise mechanism of attack affects other SAML implementations, so the reporter and I (@ucarion) have agreed to not disclose it in detail publicly at this time.

ghsa
#vulnerability#web#auth#docker
Red Hat Security Advisory 2024-7819-03

Red Hat Security Advisory 2024-7819-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-7793-03

Red Hat Security Advisory 2024-7793-03 - An update for buildah is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

GHSA-fhqq-8f65-5xfc: Improper Input Validation in Buildah and Podman

A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet

Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to "use Docker Swarm's orchestration features for command-and-control (C2) purposes," Datadog researchers Matt Muir and Andy Giron said in an analysis. The attacks

Gentoo Linux Security Advisory 202409-29

Gentoo Linux Security Advisory 202409-29 - Multiple vulnerabilities have been discovered in Docker, the worst of which could result in denial of service. Versions greater than or equal to 25.0.4 are affected.

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and

Moving DevOps Security Out of 'the Stone Age'

Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.

Moving DevOps Security Out of the 'Stone Age'

Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.

Harnessing the Power of Cloud App Development and DevOps for Modern Businesses

Leverage Cloud App Development and DevOps to boost business agility, scalability, and security. Optimize operations, deploy faster, and…