The Hacker News - Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances. Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity. "An attacker could exploit a bypass using an API request with Content-Length set
from The Hacker News https://thehackernews.com/2024/07/critical-docker-engine-flaw-allows.html
from The Hacker News https://thehackernews.com/2024/07/critical-docker-engine-flaw-allows.html
Comments
Post a Comment