Vulnerability

Mitigating CVE-2022-0811: Arbitrary code execution affecting CRI-O

Mar 17, 2022 By Stefano Chierici In Sysdig

A new vulnerability CVE-2022-0811, alias cr8escape, with CVSS 8.8 (HIGH) has been found in the CRI-O container engine by Crowdstrike. This vulnerability can lead to arbitrary code execution. The container engines affected are: Any containerized infrastructure that relies on these vulnerable container engines is affected as well, including Kubernetes and OpenShift (version 4.6 to 4.10).

Read Post

Sysdig

Read more about Mitigating CVE-2022-0811: Arbitrary code execution affecting CRI-O

Python RCE vulnerability in Celery

Mar 17, 2022 By Snyk In Snyk

Learn about a new Python RCE vulnerability in Celery! We will dive in to the defective code as well as the fix! Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Python RCE vulnerability in Celery

10 tips for keeping your Docker containers safe from Log4Shell

Mar 17, 2022 By Marco Morales In Snyk

Today we’re pleased to announce an update to our popular Docker and Snyk vulnerability cheat sheet. Since 2020, millions of MacOS and Windows developers have been able to use docker scan to analyze their containers in their local environments as part of their day-to-day development. This capability gives teams feedback at the time of active development for faster cycles.

Read Post

Snyk

Read more about 10 tips for keeping your Docker containers safe from Log4Shell

Most Common Authorization Vulnerabilities

Mar 16, 2022 By Sakshyam Shah In Teleport

Authorization vulnerabilities allow malicious users to perform unwanted actions or access resources that are deemed protected otherwise. Authorization vulnerabilities are one of the most widely found vulnerabilities in web applications. The OWASP top 10 list of web application security risks listed broken access control vulnerabilities as the number one risk in 2021, so understanding authorization vulnerabilities is an important topic for application security engineers.

Read Post

Teleport

Read more about Most Common Authorization Vulnerabilities

Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine

Mar 16, 2022 By Liran Tal In Snyk

On March 15, 2022, users of the popular Vue.js frontend JavaScript framework started experiencing what can only be described as a supply chain attack impacting the npm ecosystem. This was the result of the nested dependencies node-ipc and peacenotwar being sabotaged as an act of protest by the maintainer of the node-ipc package.

Read Post

Snyk

Read more about Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine

Live Hacking: Find Vulnerabilities in Your Apps Before Hackers do

Mar 16, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Live Hacking: Find Vulnerabilities in Your Apps Before Hackers do

7 RCE and DoS vulnerabilities Found in ClickHouse DBMS

Mar 15, 2022 By Uriya Yavnieli and Or Peles In JFrog

The JFrog Security research team constantly monitors open-source projects to find new vulnerabilities or malicious packages and share them with the wider community to help improve their overall security posture. As part of this effort, the team recently discovered seven new security vulnerabilities in ClickHouse, a widely used open-source Database Management System (DBMS) dedicated to online analytical processing (OLAP).

Read Post

JFrog

Read more about 7 RCE and DoS vulnerabilities Found in ClickHouse DBMS

cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811)

Mar 15, 2022 By John Walker - Manoj Ahuje In CrowdStrike

CrowdStrike’s Cloud Threat Research team discovered a zero-day vulnerability (CVE-2022-0811) in CRI-O (a container runtime engine underpinning Kubernetes). Dubbed “cr8escape,” when invoked, an attacker could escape from a Kubernetes container and gain root access to the host and be able to move anywhere in the cluster.

Read Post

CrowdStrike

Read more about cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811)

Detecting and responding to Dirty Pipe with Elastic

Mar 15, 2022 By Elastic Security Team In Elastic

In recent days, several security vendors have published blogs about the Linux-based exploitation (CVE-2022-0847), also known as Dirty Pipe. The Elastic Security Research team is sharing the first detailed research to help organizations find and alert on the exploitation with Elastic Security products. We are releasing this research so that users can defend themselves, since very little information has been shared on the actual detection of exploitation attempts.

Read Post

Elastic

Read more about Detecting and responding to Dirty Pipe with Elastic

Identifying and Avoiding Malicious Packages

Mar 14, 2022 By JFrog In JFrog

Securing your software supply chain is absolutely critical as attackers are getting more sophisticated in their ability to infect software at all stages of the development lifecycle. This webinar, hosted by JFrog Director of Threat Research Jonathan Sar Shalom, will be a technical showcase of the different types of malicious packages that are prevalent today in the PyPI (Python) and npm (Node.js) package repositories. All examples shown in the webinar will be based on real data and malicious packages that were identified and disclosed by the JFrog security research team.

View Video