#AuthorizationPlugins

You should probably fix this 5-year-old critical Docker vuln fairly sharpish

by

July 25, 2024 at 09:49AM Docker warns users to patch their Docker Engine due to a critical vulnerability (CVE-2024-41110) present for five years. This bug allows attackers to exploit authorization plugins, potentially leading to privilege escalation and unintended commands execution. While the likelihood of exploitation is low, the severity score is high, and affected users … Read more

Docker fixes critical 5-year old authentication bypass flaw

by

July 24, 2024 at 03:05PM Docker has issued security updates to address a critical vulnerability in certain versions of Docker Engine, which could allow attackers to bypass authorization plugins under specific conditions. The flaw, identified as CVE-2024-41110, affects several versions of Docker Engine, and patched versions up to v27.1.0 are advised for impacted users. Additionally, … Read more