Docker AuthZ bypass via oversized request body
CVE-2026-34040 lets attackers bypass Docker AuthZ plugins with a padded API request — upgrade to Moby 29.3.1 or later.
Container Security
2 articles tagged #container-security
Articles tagged Container Security
Docker cp Was a Root Hole: Three CVEs Fixed
Docker Engine 29.5.1 patches three vulnerabilities in docker cp, including one that let a malicious container execute arbitrary code as root on the host by hijacking the decompression binary lookup.